An ambitious group of suspected state-backed hackers has been burrowing into telecoms to spy on high-profile targets across the world, a US cybersecurity firm said in a report published on Tuesday.
Boston-based Cybereason said the tactic gave hackers sweeping access to the targets’ call records, location data and device information — effectively turning the targets’ telecom against them.
Because customers were not directly targeted, they might never discover that their every movement was being monitored by a hostile power, Cybereason chief executive Lior Div said.
The hackers have turned the affected telecoms into “a global surveillance system,” Div said in a telephone interview. “Those individuals don’t know they were hacked — because they weren’t.”
Div, who presented his findings at the Cyber Week conference in Tel Aviv, Israel, provided scant details about who was targeted in the hack.
Cybereason had been called in to help an unidentified telecom last year and discovered that the hackers had broken into the firm’s billing server, where call records are logged, he said.
The hackers were using their access to extract the data of “around 20” customers, Div said.
Who those people were he declined to say, describing them as mainly coming from the worlds of politics and the military.
He said the information was so sensitive that he would not provide even the vaguest idea of where they or the telecom were located.
“I’m not even going to share the continent,” he said.
Cybereason said the compromise of its customer eventually led it to about 10 other firms that had been hit in a similar way, with hackers stealing data in 100-gigabyte chunks.
Div said that, in some cases, the hackers even appeared to be tracking non-phone devices, such as vehicles or smartwatches.
Cybereason said that it was in the process of briefing some of the world’s largest telecoms on the development.
The GSM Association, a group that represents mobile operators worldwide, said in an e-mail that it was monitoring the situation.
Who might be behind such hacking campaigns is often a fraught question in a world full of digital false flags.
Cybereason said all the signs pointed to APT10, the nickname often applied to a notorious cyberespionage group that US authorities and digital security experts have tied to the Chinese government. However, Div said that the clues they found were so obvious that he and his team sometimes wondered whether they might have been left on purpose.
“I thought: ‘Hey, just a second, maybe it’s somebody who wants to blame APT10,’” he said.
Chinese authorities routinely deny responsibility for hacking operations. The Chinese embassy in London did not immediately return a request seeking comment.
Div said that it was unclear whether the ultimate targets of the espionage operation were warned, saying that Cybereason had left it to the telecom to notify its customers.
Div added that he had been in touch with “a handful” of law enforcement agencies about the matter, although he did not say which ones.