Chinese cyberattackers compromising telcos in Southeast Asia for espionage
source link: https://www.csoonline.com/article/3628719/chinese-cyberattackers-compromising-telcos-in-southeast-asia-for-espionage.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Chinese cyberattackers compromising telcos in Southeast Asia for espionage
The attack via Microsoft Exchange servers on telecom infrastructure could have been used to disrupt communications, but so far seems limited to gathering information on competitors, adversaries, and activists.
Several previously unidentified cyberattack campaigns have infiltrated major telecommunications providers across Southeast Asia, security firm Cybereason says it has discovered.
These attacks are said to be similar to the recent SolarWinds and Kaseya attacks. The US-based Cybereason said the attackers first compromised third-party service providers. But instead of using them to deliver malware through a supply chain attack, in this case “the intent was to leverage them to conduct surveillance of their customers' confidential communications”.
The report was released on 3 August 2021 and follows the US federal government’s public rebuke of China’s Ministry of State Security for the recent Hafnium attacks on Microsoft Exchange servers.
Multiple clusters of attacks on Southeast Asian telcos
The Cybereason report detailed multiple clusters of attack. These activities have evaded detection since at least 2017 and “are assessed to be the work of several prominent advanced persistent threat (APT) groups aligned with the interests of the Chinese government”, it said.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK