Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
Tech
News18 » Tech
2-min read

US Firm States State-Sponsored Chinese Hackers May Have Breached Major Global Telcos

Boston-based Cyberreason has stated that a group of Chinese hackers may have recently breached over a dozen telecom operators across the world, stealing massive data in a cyber warfare operation.

IANS

Updated:June 25, 2019, 8:04 PM IST
facebookTwitterskypewhatsapp
US Firm States State-Sponsored Chinese Hackers May Have Breached Major Global Telcos
Boston-based Cyberreason has stated that a group of Chinese hackers may have recently breached over a dozen telecom operators across the world, stealing massive data in a cyber warfare operation.

Suspected Chinese hackers have infiltrated into the networks of over a dozen telecommunication providers in Europe, Asia, Africa and the Middle East -- gaining control and stealing hundreds of gigabytes of data of individuals, a US-based cyber security firm has revealed.

Any entity that possesses the power to take over the networks of telecommunications providers can potentially leverage its unlawful access and control of the network to shut down or disrupt an entire cellular network as part of a larger cyber warfare operation, said Boston-based Cyberreason. The team at Cyberreason, as part of their Operation Soft Cell, has concluded "with a high level of certainty that the threat actor is affiliated with China and is likely state sponsored".

"The tools and techniques used throughout these attacks are consistent with several Chinese threat actors, specifically with APT10, a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS)," said the firm on Monday. The hackers have obtained all data stored in the active directory, compromising every single username and password in the organization, along with other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users and more.

"Last year, we identified a threat actor that has been operating in telecommunications provider environments for at least two years. We performed a post-incident review of the attacks and were able to identify changes in the attack patterns along with new activity every quarter," said Amit Serper, Cyberreason's Head of security research. "This type of targeted cyber espionage is usually the work of nation state threat actors," he added.

The attack began with a web shell running on a vulnerable, publicly-facing server, from which the attackers gathered information about the network and propagated across the network. The threat actor attempted to compromise critical assets, such as database servers, billing servers, and the active directory. As malicious activity was detected and remediated against, the threat actor stopped the attack. During the persistent attack, the attackers worked in waves - abandoning one thread of attack when it was detected and stopped, only to return months later with new tools and techniques.

In 2018, 30 per cent of the telecommunications providers reported sensitive customer information was stolen due to an attack. In the past 13 years, mobile cellular phone subscribers have quadrupled in size and sit at eight billion subscribers today. Due to their wide availability and the fundamental service they bring, telecommunications providers have become critical infrastructure for the majority of world powers. "Much like telecommunication providers, many other critical infrastructure organizations provide a valuable targets for nation state threat actors, due to their high impact," said the researchers.

The threat actor managed to infiltrate into the deepest segments of the providers' network, including some isolated from the internet, as well as compromise critical assets. "Our investigation showed that these attacks were targeted, and that the threat actor sought to steal communications data of specific individuals in various countries," said Cyberreason.

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

| Edited by: ---
Read full article
Next Story
Next Story

Also Watch

facebookTwitterskypewhatsapp

Live TV

Countdown To Elections Results
To Assembly Elections 2018 Results