Sustained Campaign Using Chinese Espionage Tools Targets Telcos


Attackers using tools associated with Chinese espionage groups have breached multiple telecom operators in a single Asian country in a long-running espionage campaign.

The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials. The attacks have been underway since at least 2021, with evidence to suggest that some of this activity may even date as far back as 2020. Virtually all of the organizations targeted were telecoms operators, with the addition of a services company that serves the telecoms sector and a university in another Asian country.

Read more…
Source: Symantec


Sign up for our Newsletter


Related:

  • AT&T data breach exposes call records of ‘nearly all’ wireless customers

    July 14, 2024

    US telecom giant AT&T disclosed on Friday a data breach that exposed phone records of “nearly all” of its customers. The breach, affecting an estimated 110 million people, comes just months after another AT&T security incident involving personal information, and was disclosed in a filing with regulators last week. “We learned that AT&T customer data was ...

  • India’s Airtel dismisses data breach reports amid customer concerns

    July 5, 2024

    Airtel, India’s second-largest telecom operator, on Friday denied any breach of its systems following reports of an alleged security lapse that has caused concern among its customers. The telecom group, which also sells productivity and security solutions to businesses, said it had conducted a “thorough investigation” and found that there has been no breach whatsoever into ...

  • Ukrainian intelligence cyberattack cripples telecom networks in Russian-occupied territories

    July 2, 2024

    Mirtelecom subscribers were unable to access the network in occupied Crimea and in occupied parts of Zaporizhzhya and Kherson oblasts. Another Russian provider, Farline, suffered significant damage, primarily in Crimea. Similar attacks continued the following month, targeting propaganda media servers, local occupation authorities, contact centers, registration and traffic control systems on the Kerch Bridge, critical airport ...

  • The US Wants to Integrate the Commercial Space Industry With Its Military to Prevent Cyber Attacks

    June 29, 2024

    The US military recently launched a groundbreaking initiative to strengthen ties with the commercial space industry. The aim is to integrate commercial equipment into military space operations, including satellites and other hardware. This would enhance cybersecurity for military satellites. As space becomes more important to the world’s critical infrastructure, the risk increases that hostile nation-states will ...

  • Stopping Chinese cyberattacks is officially now the biggest priority for US security forces

    June 25, 2024

    The US Department of Homeland Security (DHS) has shuffled its priorities to place battling the “cyber and other threats posed by the People’s Republic of China” at the top of the list, at least until the end of 2025. China has been conducting numerous cyber attacks against US infrastructure, particularly focussing on internet-facing endpoints within water ...

  • Chinese hackers have stepped up attacks on Taiwanese organizations

    June 24, 2024

    A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in sectors such as government, education, technology and diplomacy, according to cybersecurity intelligence company Recorded Future. RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded ...