Luxembourg is officially investigating a cyberattack that led to a nationwide telecommunications outage on July 23, 2025. The outage, which affected 4G and 5G mobile networks, left many people without the ability to access emergency services and caused widespread disruptions to internet access and electronic banking services across the country.
The Cyberattack:
The cyberattack is suspected to have targeted Huawei equipment within Luxembourg’s telecom infrastructure, specifically impacting POST Luxembourg, the state-owned enterprise responsible for operating most of the country’s telecoms systems. This attack is considered to be a deliberate disruption rather than a breach of security systems. According to Luxembourg’s officials, the attackers exploited a vulnerability in a “standardised software component” used by POST Luxembourg. The attack caused such severe disruptions that 2G fallback systems were overwhelmed, leaving large parts of the population unable to access basic services, including emergency calls.
Response and Investigation:
Upon the discovery of the attack, Luxembourg’s government expressed its concerns regarding the widespread effects on the population and the challenges it posed for emergency services. The government convened a special crisis response cell, with key players from the National Cybersecurity and Incident Response Team (CSIRT) and other relevant agencies involved in the investigation.
The Luxembourg authorities have been working closely with POST Luxembourg and the national CSIRT to perform a forensic investigation into the exact nature of the attack. While Huawei’s involvement has not been formally acknowledged by government officials, reports from Paperjam indicate that the cyberattack specifically targeted Huawei routers, which are integral to POST Luxembourg’s network infrastructure.
Previous Vulnerabilities:
There have been remote denial-of-service vulnerabilities previously identified in the Huawei VRP network operating system, used in Huawei’s enterprise networking products. Although these vulnerabilities have not been publicly disclosed recently, their existence raises concerns about potential weaknesses in the telecom infrastructure dependent on Huawei’s technology.
Impact and Future Measures:
The disruption caused by the cyberattack has raised alarms over the robustness of Luxembourg’s critical infrastructure. Officials are re-evaluating the country’s reliance on a single provider for such a crucial service. In response to this, Luxembourg is now exploring measures to improve the resilience of its telecom networks, including mobile network redundancy and allowing automatic network switching to alternative operators in case of telecom outages.
This incident has accelerated Luxembourg’s ongoing national resilience review, which was already in progress prior to the attack. Regulatory changes are being considered to ensure that mobile phones can automatically switch to different networks during service disruptions, a practice already implemented in other countries like the UK, Germany, and the US.
Conclusion:
The cyberattack in Luxembourg highlights the growing risks faced by national telecom infrastructures, especially when vulnerabilities are tied to critical technologies. As investigations continue, Luxembourg’s authorities are working diligently to mitigate the effects of the attack and bolster the country’s preparedness against future cyber threats. Meanwhile, the situation has prompted many to reconsider the security of Huawei equipment in key infrastructures, particularly in light of telecommunications and cybersecurity risks that could affect national security.
