A cybersecurity firm has recently revealed information about Chinese hackers who have been hacking big telco companies with the intent of extracting personal and corporate information that could potentially benefit the Chinese government.
Cybersecurity company Cybereason released a report on June 25th stating that the hackers have been attacking telcos for several years in an operation dubbed “Operation Soft Cell.” The hacks can be traced back to as early as 2012. They were aimed at obtaining permanent access to data, copying personal data, and avoiding detection, Reuters reported. Cybereason stated that the hacks were sophisticated and that the hackers kept changing strategies to prevent exposure by cybersecurity firms.
“For this level of sophistication, it’s not a criminal group. It is a government that has capabilities that can do this kind of attack,” Cybereason CEO Lior Div said. “They built a perfect espionage environment,” the exec added. The group could obtain any information it pleased once it had hacked a company, the executive stated.
One thing that makes this hack stand out from those of other hacking groups is the main motive of the attack. As Cybereason claims, cybercrime groups often look for money, but when a “nation-state threat actor is attacking a big organization, the end goal is typically not financial, but rather intellectual property or sensitive information about their clients.”
The hacks were intense, with the hackers in some instances obtaining active information from telcos by “compromising every single username and password in the organization, along with other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users, and more.”
On June 26th, Reuters published a report that eight of the world’s largest technology providers were hacked by Chinese cyberspies dubbed APT10, who are linked to the Chinese Ministry of State Security.
The hacking campaign, dubbed Cloud Hopper, was tied to the US indictment of two Chinese nationals for cybercrime last December. The attack affected Hewlett Packard Enterprise (HPE), IBM, Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation, and DXC Technology, according to Reuters.
The attacks were relentless, with the hackers looking for entry points into businesses, which they used to harvest data and steal potential trade secrets. The parties affected denied no data was obtained from the attacks, and still, the Chinese government denied the allegations.
However, Reuters also uncovered that Finnish company Ericsson, a Huawei competitor in the race for 5G, was also targeted with ‘persistent and pervasive’ attacks. The hackers at times sought to steal project management timeframes, and at other times sought product manuals, some of which were already publicly available.
Huawei has recently been accused of supplying telco equipment that could potentially be exploited for espionage. These are allegations against which Huawei has been asserting its innocence for more than ten years, until the US government recently banned the Chinese company from supplying its telco equipment to the US and from dealing with any US-based company. However, this has nothing to do with Huawei, but the issue generally affects Huawei in some way or another.