Telecommunications


  • Australia asks FBI to help find attacker who stole data from millions of users

    September 28, 2022

    Australian authorities have asked the United States Federal Bureau of Investigation (FBI) to assist with investigations into the data breach at local telco Optus. Attorney general Mark Dreyfus yesterday revealed the FBI was asked to help identify the entities involved in the attack, which saw Optus leak data describing over ten million account holders. Data suspected ...

  • New hacking group ‘Metador’ lurking in ISP networks for months

    September 25, 2022

    A previously unknown threat actor that researchers have named ‘Metador’ has been breaching telecommunications, internet services providers (ISPs), and universities for about two years. Metador targets organizations in the Middle East and Africa and their purpose appears to be long-term persistence for espionage. The group uses two Windows-based malware that have been described as “extremely complex” ...

  • Russian Sandworm hackers pose as Ukrainian telcos to drop malware

    September 19, 2022

    The Russian state-sponsored hacking group known as Sandworm has been observed masquerading as telecommunication providers to target Ukrainian entities with malware. Sandworm is a state-backed threat actor attributed by the US government as part of the Russian GRU foreign military intelligence service. The APT hacking group is believed to have been behind numerous attacks this year, including ...

  • Hive ransomware claims cyberattack on Bell Canada subsidiary

    September 15, 2022

    The Hive ransomware gang claimed responsibility for an attack that hit the systems of Bell Canada subsidiary Bell Technical Solutions (BTS). BTS is an independent subsidiary with more than 4,500 employees, specializing in installing Bell services for residential and small business customers across the Ontario and Québec provinces. While the Canadian telecommunications company didn’t reveal when its ...

  • New Wave of Espionage Activity Targets Asian Governments

    September 13, 2022

    A distinct group of espionage attackers who were formerly associated with the ShadowPad remote access Trojan (RAT) has adopted a new, diverse toolset to mount an ongoing campaign against a range of government and state-owned organizations in a number of Asian countries. The attacks, which have been underway since at least early 2021, appear to ...

  • US telcos admit to storing, handing over location data

    September 2, 2022

    US mobile carriers know a lot about where their customers every move, and according to letters sent to the Federal Communications Commission (FCC), they routinely store such location data for years, willingly hand it over to law enforcement if served a proper subpoena, and say users can’t opt out. FCC chairwoman Jessica Rosenworcel said in a ...

  • Indian military ready to put long-range quantum key distribution on the line

    August 15, 2022

    India’s military has celebrated the nation’s Independence Day by announcing it will adopt locally developed quantum key distribution (QKD) technology that can operate across distances of 150km. QKD is a technology to securely distribute encryption keys – items that could make communications an open book to an adversary. QKD makes interception of encryption keys vastly difficult ...

  • Private 5G Network Security Expectations Part 3

    July 11, 2022

    Trend Micro conducted a survey on private wireless network security in collaboration with 451 Research, part of S&P Global Market Intelligence, in four countries (Germany, the U.K, Spain, and the U.S.) across the manufacturing, electricity, oil and gas, and healthcare industries. Trend Micro have introduced this survey’s findings on the expectations for private 5G security ...

  • Canada’s internet outage caused by ‘maintenance’

    July 10, 2022

    One of Canada’s largest mobile and internet providers, Rogers, has apologised for the country-wide outage of its services which began on Friday. The company’s CEO Tony Staffieri said the failure followed “a maintenance update in our core network”. Transport, banking and emergency services were all hit by Friday’s blackout, with 911 hotlines and bank ATMs left unavailable. Read ...

  • Germany unveils plan to tackle cyberattacks on satellites

    July 5, 2022

    The German Federal Office for Information Security (BSI) has put out an IT baseline protection profile for space infrastructure amid concerns that attackers could turn their gaze skywards. The document, published last week, is the result of a year of work by Airbus Defence and Space, the German Space Agency at the German Aerospace Center (DLR), ...

  • GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

    June 13, 2022

    Over the past year, this group has extended its targeting beyond telecommunication companies to also include financial institutions and government entities. During this period, we have identified several connections between GALLIUM infrastructure and targeted entities across Afghanistan, Australia, Belgium, Cambodia, Malaysia, Mozambique, the Philippines, Russia and Vietnam. Most importantly, we have also identified the group’s ...

  • People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

    June 8, 2022

    This joint Cybersecurity Advisory describes the ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure. These actors use the network to exploit a wide variety of targets worldwide, including public and private sector organizations. The advisory details the ...

  • Ukraine’s secret cyber-defense that blunts Russian attacks: excellent backups

    June 8, 2022

    The Kremlin-backed cyberattack against satellite communications provider Viasat, which happened an hour before Russia invaded Ukraine, was “one of the biggest cyber events that we have seen, perhaps ever, and certainly in warfare,” according to Dmitri Alperovitch, a co-founder of CrowdStrike and chair of security-centric think tank Silverado Policy Accelerator. Alperovitch shared that opinion during a ...

  • Android patches incoming for NAS-ty memory overwrite flaw

    June 3, 2022

    A critical flaw in the LTE firmware of the fourth-largest smartphone chip biz in the world could be exploited over the air to block people’s communications and deny services. The vulnerability in the baseband – or radio modem – of UNISOC’s chipset was found by folks at Check Point Research who were looking for ways the ...

  • WinDealer dealing on the side

    June 2, 2022

    LuoYu is a lesser-known threat actor that has been active since 2008. It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. In their initial disclosures on this threat actor, TeamT5 identified three malware ...

  • CISA and DoD Release 5G Security Evaluation Process Investigation Study

    May 26, 2022

    CISA and the Department of Defense (DoD) have released their 5G Security Evaluation Process Investigation Study for federal agencies. The new features, capabilities, and services offered by fifth-generation (5G) cellular network technology can transform mission and business operations; and federal agencies will eventually be applying different 5G usage scenarios: low-, mid-, and high-band spectrum. The study ...

  • Canada to ban Huawei and ZTE and tell telcos to rip out 5G and 4G equipment

    May 20, 2022

    Following the steps of its Five Eyes partners, Canada has moved to ban Huawei and ZTE from its telco networks. “The government of Canada is ensuring the long term safety of our telecommunications infrastructure. As part of that, the government intends to prohibit the inclusion of Huawei and ZTE products and services in Canada’s telecommunications systems,” ...

  • U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors

    May 10, 2022

    CISA and the Federal Bureau of Investigation (FBI) have updated the joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government attribution to Russian state-sponsored malicious cyber actors. The United States assesses Russia launched cyberattacks in late February against commercial satellite communications networks to disrupt Ukrainian ...

  • Indian government wants VPNs to store and share user data

    May 4, 2022

    A new directive from the Ministry of Electronics and Information Technology (MeitY) and the Indian Computer Emergency Response Team (CERT-in) requires VPN companies to retain data on users for 5 years or more. The rule also applies to data centres and cryptocurrency exchanges and will come into effect from July 27. According to a new directive, ...

  • Chinese cyber-espionage group Moshen Dragon targets Asian telcos

    May 2, 2022

    Researchers have identified a new cluster of malicious cyber activity tracked as Moshen Dragon, targeting telecommunication service providers in Central Asia. While this new threat group has some overlaps with “RedFoxtrot” and “Nomad Panda,” including the use of ShadowPad and PlugX malware variants, there are enough differences in their activity to follow them separately. According to a ...