An ambitious group of suspected state-backed hackers has been burrowing into telecoms to spy on high-profile targets across the world, a US cybersecurity firm said in a report published on Tuesday.
Boston-based Cybereason said the tactic gave hackers sweeping access to the targets’ call records, location data and device information — effectively turning the targets’ telecom against them.
Because customers were not directly targeted, they might never discover that their every movement was being monitored by a hostile power, Cybereason chief executive Lior Div said.
The hackers have turned the affected telecoms into “a global surveillance system,” Div said in a telephone interview. “Those individuals don’t know they were hacked — because they weren’t.”
Div, who presented his findings at the Cyber Week conference in Tel Aviv, Israel, provided scant details about who was targeted in the hack.
Cybereason had been called in to help an unidentified telecom last year and discovered that the hackers had broken into the firm’s billing server, where call records are logged, he said.
The hackers were using their access to extract the data of “around 20” customers, Div said.
Who those people were he declined to say, describing them as mainly coming from the worlds of politics and the military.
He said the information was so sensitive that he would not provide even the vaguest idea of where they or the telecom were located.
“I’m not even going to share the continent,” he said.
Cybereason said the compromise of its customer eventually led it to about 10 other firms that had been hit in a similar way, with hackers stealing data in 100 gigabyte chunks.
Div said that, in some cases, the hackers even appeared to be tracking non-phone devices, such as vehicles or smartwatches.
Cybereason said that it was in the process of briefing some of the world’s largest telecoms on the development.
The GSM Association, a group that represents mobile operators worldwide, said in an e-mail that it was monitoring the situation.
Who might be behind such hacking campaigns is often a fraught question in a world full of digital false flags.
Cybereason said all the signs pointed to APT10 — the nickname often applied to a notorious cyberespionage group that US authorities and digital security experts have tied to the Chinese government, but Div said that the clues they found were so obvious that he and his team sometimes wondered whether they might have been left on purpose.
“I thought: ‘Hey, just a second, maybe it’s somebody who wants to blame APT10,’” he said.
Chinese authorities routinely deny responsibility for hacking operations. The Chinese embassy in London did not immediately return a request seeking comment.
Div said that it was unclear whether the ultimate targets of the espionage operation were warned, saying that Cybereason had left it to the telecom to notify its customers.
Div added that he had been in touch with “a handful” of law enforcement agencies about the matter, although he did not say which ones.
LIMITS: While China increases military pressure on Taiwan and expands its use of cognitive warfare, it is unwilling to target tech supply chains, the report said US and Taiwan military officials have warned that the Chinese People’s Liberation Army (PLA) could implement a blockade within “a matter of hours” and need only “minimal conversion time” prior to an attack on Taiwan, a report released on Tuesday by the US Senate’s China Economic and Security Review Commission said. “While there is no indication that China is planning an imminent attack, the United States and its allies and partners can no longer assume that a Taiwan contingency is a distant possibility for which they would have ample time to prepare,” it said. The commission made the comments in its annual
DETERMINATION: Beijing’s actions toward Tokyo have drawn international attention, but would likely bolster regional coordination and defense networks, the report said Japanese Prime Minister Sanae Takaichi’s administration is likely to prioritize security reforms and deterrence in the face of recent “hybrid” threats from China, the National Security Bureau (NSB) said. The bureau made the assessment in a written report to the Legislative Yuan ahead of an oral report and questions-and-answers session at the legislature’s Foreign Affairs and National Defense Committee tomorrow. The key points of Japan’s security reforms would be to reinforce security cooperation with the US, including enhancing defense deployment in the first island chain, pushing forward the integrated command and operations of the Japan Self-Defense Forces and US Forces Japan, as
INTERCEPTION: The 30km test ceiling shows that the CSIST is capable of producing missiles that could stop inbound missiles as they re-enter the atmosphere Recent missile tests by the Chungshan Institute of Science and Technology (CSIST) show that Taiwan’s missiles are capable of intercepting ballistic missiles as they re-enter the atmosphere and pose a significant deterrent to Chinese missile threats, former Hsiung Feng III missile development project chief engineer Chang Cheng (張誠) said yesterday. The military-affiliated institute has been conducting missile tests, believed to be related to Project Chiang Kung (強弓) at Pingtung County’s Jiupeng Military Base, with many tests deviating from past practices of setting restriction zones at “unlimited” and instead clearly stating a 30.48km range, Chang said. “Unlimited” restrictions zones for missile tests is
PUBLIC SAFETY: The nationwide distribution campaign aims to enhance society’s overall understanding of threats and bolster defense awareness, an official said The latest edition of the National Public Safety Guide is being mailed to all citizens starting today to foster public awareness of self-defense in the event of war or natural disasters, the Ministry of National Defense said yesterday. “The guides will be disseminated to the public to enhance society’s overall understanding of threats and bolster defense awareness, demonstrating the government’s emphasis on people’s safety and its determination to pursue self-defense,” All-out Defense Mobilization Agency Director Shen Wei-chih (沈威志) said at the ministry’s news conference. The nationwide distribution campaign was planned according to President Lai William’s (賴清德) Sept. 20 directive, he said, adding
RSS