Info-tech

Hackers hit global telcos in espionage campaign: cyber research firm

Reuters TEL AVIV | Updated on June 25, 2019 Published on June 25, 2019

Hackers have broken into the systems of more than a dozen global telecoms companies and taken large amounts of personal and corporate data, researchers from a cyber security company said on Tuesday, identifying links to previous Chinese cyber-espionage campaigns.

Investigators at US-Israeli cyber security firm Cybereason said the attackers compromised companies in more than 30 countries and aimed to gather information on individuals in government, law-enforcement and politics. The hackers also used tools linked to other attacks attributed to Beijing by the United States and its Western allies, said Lior Div, chief executive of Cybereason. “For this level of sophistication it's not a criminal group. It is a government that has capabilities that can do this kind of attack,” he told Reuters.

China has repeatedly denied involvement in any hacking activity. Cybereason declined to name the companies affected or the countries they operate in, but people familiar with Chinese hacking operations said Beijing was increasingly targeting telcos in Western Europe.

Western countries have moved to call out Beijing for its actions in cyberspace, warning that Chinese hackers have compromised companies and government agencies around the world to steal valuable commercial secrets and personal data for espionage purposes.

Div said this latest campaign, which his team uncovered over the last nine months, compromised the internal IT network of some of those targeted, allowing the attackers to customise the infrastructure and steal vast amounts of data.

In some instances, they managed to compromise a target's entire active directory, giving them access to every username and password in the organisation. They also got hold of personal data, including billing information and call records, Cybereason said in a blog post. “They built a perfect espionage environment,” said Div, a former commander in Israel's military intelligence unit 8200. ”They could grab information as they please on the targets that they are interested in.”

Cybereason said multiple tools used by the attackers had previously been used by a Chinese hacking group known as APT10. The United States indicted two alleged members of APT10 in December and joined other Western countries in denouncing the group's attacks on global technology service providers to steal intellectual property from their clients.

The company said on previous occasions it had identified attacks it suspected had come from China or Iran but it was never certain enough to name these countries. Cybereason said: “This time as opposed to in the past we are sure enough to say that the attack originated in China. We managed to find not just one piece of software, we managed to find more than five different tools that this specific group used,” Div said.

Published on June 25, 2019

A letter from the Editor

Dear Readers,

The coronavirus crisis has changed the world completely in the last few months. All of us have been locked into our homes, economic activity has come to a near standstill. Everyone has been impacted.

Including your favourite business and financial newspaper. Our printing and distribution chains have been severely disrupted across the country, leaving readers without access to newspapers. Newspaper delivery agents have also been unable to service their customers because of multiple restrictions.

In these difficult times, we, at BusinessLine have been working continuously every day so that you are informed about all the developments – whether on the pandemic, on policy responses, or the impact on the world of business and finance. Our team has been working round the clock to keep track of developments so that you – the reader – gets accurate information and actionable insights so that you can protect your jobs, businesses, finances and investments.

We are trying our best to ensure the newspaper reaches your hands every day. We have also ensured that even if your paper is not delivered, you can access BusinessLine in the e-paper format – just as it appears in print. Our website and apps too, are updated every minute, so that you can access the information you want anywhere, anytime.

But all this comes at a heavy cost. As you are aware, the lockdowns have wiped out almost all our entire revenue stream. Sustaining our quality journalism has become extremely challenging. That we have managed so far is thanks to your support. I thank all our subscribers – print and digital – for your support.

I appeal to all or readers to help us navigate these challenging times and help sustain one of the truly independent and credible voices in the world of Indian journalism. Doing so is easy. You can help us enormously simply by subscribing to our digital or e-paper editions. We offer several affordable subscription plans for our website, which includes Portfolio, our investment advisory section that offers rich investment advice from our highly qualified, in-house Research Bureau, the only such team in the Indian newspaper industry.

A little help from you can make a huge difference to the cause of quality journalism!

Sincerely,

Support Quality Journalism
Hacking
cyber attacks
telecommunication service
This article is closed for comments.
Please Email the Editor
You have read 1 out of 3 free articles for this week. For full access, please subscribe and get unlimited access to all sections.