Sierra Tel

Primary URL: sierratel[.]com
Location: United States of America
Industry: Telecommunications
Profile

Sierra Tel operated as an internet service provider based in California, United States, delivering connectivity and telephone services to its residential and business customers. The company's infrastructure relied on customer-premises equipment, specifically Zyxel HN-51 modems, to provide last-mile network access. Its operational scope was regional, serving customers within California, and its core business involved the provision of broadband internet and voice communication services over its network. The provider's technical footprint was defined by its deployment of these specific modem models, which became a critical point of failure during a major security incident.

In April 2017, Sierra Tel experienced a catastrophic, widespread outage that severed both internet and telephone connectivity for its customer base. This disruption was directly caused by a malicious hacking event that targeted the Zyxel HN-51 devices on its network. The attack involved conflicting IoT malware families, with evidence pointing to BrickerBot, which permanently disables unsecured devices by overwriting their storage, and potentially Mirai, known for conscripting devices into botnets. The combined assault rendered the compromised modems inoperable, unable to reconnect to the provider's network. The scale of the hardware failure overwhelmed Sierra Tel's operational capacity, leading to significant delays in its remediation efforts. The provider was forced to initiate a large-scale program to replace or repair the affected customer hardware. The incident underscored critical vulnerabilities in the remote management interfaces of widely deployed modem hardware, a weakness previously exploited in other attacks. Throughout the crisis, Sierra Tel collaborated with law enforcement agencies to investigate the criminal breach while managing the extensive customer impact caused by the hardware destruction. The event highlighted the direct operational risk that IoT malware poses to an ISP's service continuity and the substantial logistical challenges of mass hardware replacement following a targeted destructive attack.

Incidents
1 incident