Hackers hit global telcos in espionage campaign: cyber research firm
[June 25, 2019]
By Ari Rabinovitch and Tova Cohen
TEL AVIV (Reuters) - Hackers have broken
into the systems of more than a dozen global telecoms companies and
taken large amounts of personal and corporate data, researchers from a
cyber security company said on Tuesday, identifying links to previous
Chinese cyber-espionage campaigns.
Investigators at U.S.-Israeli cyber security firm Cybereason said the
attackers compromised companies in more than 30 countries and aimed to
gather information on individuals in government, law-enforcement and
politics.
The hackers also used tools linked to other attacks attributed to
Beijing by the United States and its Western allies, said Lior Div,
chief executive of Cybereason.
"For this level of sophistication it's not a criminal group. It is a
government that has capabilities that can do this kind of attack," he
told Reuters.
A spokesman for China's Foreign Ministry said he was not aware of the
report, but added "we would never allow anyone to engage in such
activities on Chinese soil or using Chinese infrastructure."
Cybereason declined to name the companies affected or the countries they
operate in, but people familiar with Chinese hacking operations said
Beijing was increasingly targeting telcos in Western Europe.
Western countries have moved to call out Beijing for its actions in
cyberspace, warning that Chinese hackers have compromised companies and
government agencies around the world to steal valuable commercial
secrets and personal data for espionage purposes.
Div said this latest campaign, which his team uncovered over the last
nine months, compromised the internal IT network of some of those
targeted, allowing the attackers to customize the infrastructure and
steal vast amounts of data.
A man holds a laptop computer as cyber code is projected on him in
this illustration picture taken on May 13, 2017. REUTERS/Kacper
Pempel/Illustration
In some instances, they managed to compromise a target's entire
active directory, giving them access to every username and password
in the organization. They also got hold of personal data, including
billing information and call records, Cybereason said in a blog
post.
"They built a perfect espionage environment," said Div, a former
commander in Israel's military intelligence unit 8200. "They could
grab information as they please on the targets that they are
interested in."
Cybereason said multiple tools used by the attackers had previously
been used by a Chinese hacking group known as APT10.
The United States indicted two alleged members of APT10 in December
and joined other Western countries in denouncing the group's attacks
on global technology service providers to steal intellectual
property from their clients.
The company said on previous occasions it had identified attacks it
suspected had come from China or Iran but it was never certain
enough to name these countries.
Cybereason said: "This time as opposed to in the past we are sure
enough to say that the attack originated in China."
"We managed to find not just one piece of software, we managed to
find more than five different tools that this specific group used,"
Div said.
(Additional reporting by Jack Stubbs. Editing by Jane Merriman)
[© 2019 Thomson Reuters. All rights
reserved.]