Friday, July 1, 2022

ਵਾਹਿਗੁਰੂ

spot_img



Suspected Chinese hackers attack global telecom carriers

Washington, June 25, 2019-

Suspected Chinese hackers have infiltrated into the networks of over a dozen telecommunication providers in Europe, Asia, Africa and the Middle East — gaining control and stealing hundreds of gigabytes of data of individuals, a US-based cyber security firm has revealed.

Any entity that possesses the power to take over the networks of telecommunications providers can potentially leverage its unlawful access and control of the network to shut down or disrupt an entire cellular network as part of a larger cyber warfare operation, said Boston-based Cyberreason.

The team at Cybereason, as part of their Operation Soft Cell, has concluded “with a high level of certainty that the threat actor is affiliated with China and is likely state sponsored”.

“The tools and techniques used throughout these attacks are consistent with several Chinese threat actors, specifically with APT10, a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS),” said the firm on Monday.

The hackers have obtained all data stored in the active directory, compromising every single username and password in the organization, along with other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users and more.

“Last year, we identified a threat actor that has been operating in telecommunications provider environments for at least two years. We performed a post-incident review of the attacks and were able to identify changes in the attack patterns along with new activity every quarter,” said Amit Serper, Cybereason’s Head of security research.

“This type of targeted cyber espionage is usually the work of nation state threat actors,” he added.

The attack began with a web shell running on a vulnerable, publicly-facing server, from which the attackers gathered information about the network and propagated across the network.

The threat actor attempted to compromise critical assets, such as database servers, billing servers, and the active directory. As malicious activity was detected and remediated against, the threat actor stopped the attack.

During the persistent attack, the attackers worked in waves – abandoning one thread of attack when it was detected and stopped, only to return months later with new tools and techniques.

In 2018, 30 per cent of the telecommunications providers reported sensitive customer information was stolen due to an attack.

In the past 13 years, mobile cellular phone subscribers have quadrupled in size and sit at eight billion subscribers today.

Due to their wide availability and the fundamental service they bring, telecommunications providers have become critical infrastructure for the majority of world powers.

“Much like telecommunication providers, many other critical infrastructure organizations provide a valuable targets for nation state threat actors, due to their high impact,” said the researchers.

The threat actor managed to infiltrate into the deepest segments of the providers’ network, including some isolated from the internet, as well as compromise critical assets.

“Our investigation showed that these attacks were targeted, and that the threat actor sought to steal communications data of specific individuals in various countries,” said Cybereason.  (Agency)

- Advertisement -

Yes Punjab - TOP STORIES

Punjab News

Sikh News

Transfers, Postings, Promotions

- Advertisement -spot_img

Stay Connected

20,574FansLike
113,912FollowersFollow

ENTERTAINMENT

National

GLOBAL

OPINION

G-20 summit in Kashmir: An unparalleled diplomatic achievement for India after 1990 – by Ahmed Ali Fayyaz

New Delhi, June 27, 2022- On Thursday, 23 June 2022, the Government of Jammu and Kashmir constituted a 5-member committee of bureaucrats under Principal...

Understanding who lit the flames of ‘Agnipath, and why – by Kavya Dubey

It is an indescribably inspiring feeling to see a 'fauji' on the move - clad in his camouflage uniform at a railway platform with...

Prez poll: Draupadi Murmu’s nomination tactical outreach to tribals – by Sunil Trivedi

New Delhi, June 26, 2022- The nomination of Draupadi Murmu as NDA's Presidential candidate has been seen as a tactical political outreach to the...

SPORTS

Health & Fitness

Can blood thinners help reduce symptoms of long Covid?

London, June 29, 2022- Researchers in the UK are probing a potential link between blood clots and long-term symptoms post a Covid infection, and whether a treatment of blood thinners may help reduce long Covid conditions, media reports said. Long Covid is defined as having new or ongoing symptoms four weeks or more after the start of disease. The symptoms,...

Gadgets & Tech

error: Content is protected !!