An ambitious group of suspected state-backed hackers has been burrowing into telecoms to spy on high-profile targets across the world, a US cybersecurity firm said in a report published on Tuesday.
Boston-based Cybereason said the tactic gave hackers sweeping access to the targets’ call records, location data and device information — effectively turning the targets’ telecom against them.
Because customers were not directly targeted, they might never discover that their every movement was being monitored by a hostile power, Cybereason chief executive Lior Div said.
The hackers have turned the affected telecoms into “a global surveillance system,” Div said in a telephone interview. “Those individuals don’t know they were hacked — because they weren’t.”
Div, who presented his findings at the Cyber Week conference in Tel Aviv, Israel, provided scant details about who was targeted in the hack.
Cybereason had been called in to help an unidentified telecom last year and discovered that the hackers had broken into the firm’s billing server, where call records are logged, he said.
The hackers were using their access to extract the data of “around 20” customers, Div said.
Who those people were he declined to say, describing them as mainly coming from the worlds of politics and the military.
He said the information was so sensitive that he would not provide even the vaguest idea of where they or the telecom were located.
“I’m not even going to share the continent,” he said.
Cybereason said the compromise of its customer eventually led it to about 10 other firms that had been hit in a similar way, with hackers stealing data in 100 gigabyte chunks.
Div said that, in some cases, the hackers even appeared to be tracking non-phone devices, such as vehicles or smartwatches.
Cybereason said that it was in the process of briefing some of the world’s largest telecoms on the development.
The GSM Association, a group that represents mobile operators worldwide, said in an e-mail that it was monitoring the situation.
Who might be behind such hacking campaigns is often a fraught question in a world full of digital false flags.
Cybereason said all the signs pointed to APT10 — the nickname often applied to a notorious cyberespionage group that US authorities and digital security experts have tied to the Chinese government, but Div said that the clues they found were so obvious that he and his team sometimes wondered whether they might have been left on purpose.
“I thought: ‘Hey, just a second, maybe it’s somebody who wants to blame APT10,’” he said.
Chinese authorities routinely deny responsibility for hacking operations. The Chinese embassy in London did not immediately return a request seeking comment.
Div said that it was unclear whether the ultimate targets of the espionage operation were warned, saying that Cybereason had left it to the telecom to notify its customers.
Div added that he had been in touch with “a handful” of law enforcement agencies about the matter, although he did not say which ones.
In his National Day Rally speech on Sunday, Singaporean Prime Minister Lawrence Wong (黃循財) quoted the Taiwanese song One Small Umbrella (一支小雨傘) to describe his nation’s situation. Wong’s use of such a song shows Singapore’s familiarity with Taiwan’s culture and is a perfect reflection of exchanges between the two nations, Representative to Singapore Tung Chen-yuan (童振源) said yesterday in a post on Facebook. Wong quoted the song, saying: “As the rain gets heavier, I will take care of you, and you,” in Mandarin, using it as a metaphor for Singaporeans coming together to face challenges. Other Singaporean politicians have also used Taiwanese songs
NORTHERN STRIKE: Taiwanese military personnel have been training ‘in strategic and tactical battle operations’ in Michigan, a former US diplomat said More than 500 Taiwanese troops participated in this year’s Northern Strike military exercise held at Lake Michigan by the US, a Pentagon-run news outlet reported yesterday. The Michigan National Guard-sponsored drill involved 7,500 military personnel from 36 nations and territories around the world, the Stars and Stripes said. This year’s edition of Northern Strike, which concluded on Sunday, simulated a war in the Indo-Pacific region in a departure from its traditional European focus, it said. The change indicated a greater shift in the US armed forces’ attention to a potential conflict in Asia, it added. Citing a briefing by a Michigan National Guard senior
CHIPMAKING INVESTMENT: J.W. Kuo told legislators that Department of Investment Review approval would be needed were Washington to seek a TSMC board seat Minister of Economic Affairs J.W. Kuo (郭智輝) yesterday said he received information about a possible US government investment in Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) and an assessment of the possible effect on the firm requires further discussion. If the US were to invest in TSMC, the plan would need to be reviewed by the Department of Investment Review, Kuo told reporters ahead of a hearing of the legislature’s Economics Committee. Kuo’s remarks came after US Secretary of Commerce Howard Lutnick on Tuesday said that the US government is looking into the federal government taking equity stakes in computer chip manufacturers that
CLAMPING DOWN: At the preliminary stage on Jan. 1 next year, only core personnel of the military, the civil service and public schools would be subject to inspections Regular checks are to be conducted from next year to clamp down on military personnel, civil servants and public-school teachers with Chinese citizenship or Chinese household registration, the Mainland Affairs Council (MAC) said yesterday. Article 9-1 of the Act Governing Relations Between the People of the Taiwan Area and the Mainland Area (臺灣地區與大陸地區人民關係條例) stipulates that Taiwanese who obtain Chinese household registration or a Chinese passport would be deprived of their Taiwanese citizenship and lose their right to work in the military, public service or public schools, it said. To identify and prevent the illegal employment of holders of Chinese ID cards or
RSS