Chinese Hackers Linked to Global Attacks on Telcos

By John P. Mello Jr. Jun 26, 2019 10:04 AM PT

Security researchers on Monday reported that Chinese hackers are the likely perpetrators of a series of cyberattacks against telecommunications companies around the world.

The campaign, dubbed "Operation Soft Cell," has been active since 2012, according to Cybereason, an endpoint security company based in Boston.

There is some evidence suggesting even earlier activity against the telecommunications providers, all of whom were outside North America, the researchers said.

The attackers attempted to steal all data stored in the organizations' Active Directory servers, including all usernames and passwords in the companies, as well as other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users, and more, according to the report.

Based on the tools used in the attacks, such as PoisonIvy RAT, and the tactics, techniques and procedures deployed by the attackers, the campaign likely was run by APT10, a notorious group of Chinese hackers, the researchers pointed out.

The U.S. Justice Department last year indicted two members of APT10 for conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft.

There is some solid evidence APT10 was behind the attacks, such as the way they customized PoisonIvy and the idiosyncratic bread crumbs they left behind, said Sam Curry, chief security officer at Cybereason.

"The way the customization is done, the way they write the scripts, is the sort of thing we've seen time and again," he told TechNewsWorld. "There's a high probability that it's a Chinese hacker."

Alarming Attack

The hackers attacked organizations in waves launched over a period of months, the report notes. During that time, they were able to map the target networks and compromise credentials. That enabled them to compromise critical assets -- such as production and database servers, and even domain controllers.

"Beyond targeting individual users, this attack is also alarming because of the threat posed by the control of a telecommunications provider," the report states. "Telecommunications has become critical infrastructure for the majority of world powers. A threat actor with total access to a telecommunications provider, as is the case here, can attack however they want passively and also actively work to sabotage the network."

The attack has widespread implications -- not just for individuals, but also for organizations and countries alike, the Cybereason researchers said.

"The use of specific tools and the choice to hide ongoing operations for years points to a nation state threat actor, most likely China," they wrote. "This is another form of cyber warfare being used to establish a foothold and gather information undercover until they are ready to strike."

There are similarities between Operation Soft Cell and another telecom attack, suggested Lavi Lazarovitz, a cyber research group manager at CyberArk Labs, an information security company based in Newton, Massachusetts.

"This widespread attack on telecommunications companies has similar characteristics to Operation Socialist," he told TechNewsWorld.

Operation Socialist -- a CIA and British GCHQ campaign revealed by Edward Snowden -- attempted to take control of the Belgian telecommunications company Belgacom.

"It leverages privileged accounts and probably shadow admins to allow persistency and control," Lazarovitz said.

Useful Information

Information reaped by campaigns like Operation Soft Cell can be invaluable to a foreign intelligence service, noted Jonathan Tanner, a senior security researcher at Barracuda Networks, based in Campbell, California.

"Tracking a target's daily routines alone can be useful for a number of motivations, ranging from enumerating contacts to asset recruitment, to abduction or assassination," he told TechNewsWorld.

That sort of work traditionally is carried out by surveillance teams, but with technology it's becoming increasingly easy to gain that information by other means with significantly less manpower, Tanner explained.

"The irony with this breach is that many carriers actually sell this data anyway, through third parties such as Zumigo, who then resell it without checking into their buyers' backgrounds," he said.

Stolen data from telecoms can be valuable to more than just Chinese intelligence agencies.

"This type of attack would greatly help Huawei in their fight to control as much of the 5G space as possible," said Jonathan Olivera, a threat analyst for Centripetal Networks, a network security company in Herndon, Virginia.

"When a country like China relies on surveillance and intellectual property theft to keep its momentum going, it will be hard to stop and prevent expansion," he told TechNewsWorld.

Familiar Playbook

The breadth and persistence of the attacks aren't the only discouraging characteristics of Operation Soft Cell.

"This plays out like every other hack that we've heard about in a major organization for years and years and years," said Chet Wisniewski, principal research scientist at Sophos, a network security and threat management company based in the UK.

"It's clear that these big companies are not taking this stuff seriously enough, especially the ones that have sensitive information about us. The giant role these companies play in our lives demands that they take security more seriously," he told TechNewsWorld.

"The stuff that these guys did was stuff any skilled pen tester would do," Wisniewski said.

"The attacks didn't have any super secret stuff. There were no new zero-day vulnerabilities here -- no new tools that no one had ever heard of before. All the stuff was off the shelf. I could teach a college student how to use it in a semester," he said.

"We know this playbook," Wisniewski added, "and big companies should be able to defend against it."

Cold War in Cyberspace

Campaigns like Operation Soft Cell are likely to continue without abatement, noted Satya Gupta, CTO of Virsec, an applications security company in San Jose, California.

"These attacks will continue for the foreseeable future, as long as there is political tension and unrest in any number of regions," he told TechNewsWorld. "Infrastructure attacks on all sides are trying to sow uncertainty, which has both political and financial value to the perpetrators."

As for China, it seems content with economic espionage, for the most part, but that could change in the future, too.

"As long as we're involved in trade wars, I'm not as worried as if China starts to feel threatened about its sphere of influence," said Richard Stiennon, chief research analyst at IT Harvest, an industry analyst firm in Birmingham, Michigan.

"If it's trade wars, China's target of interest will be the same as it's always been: economic espionage. If it's sphere-of-influence stuff, then the targets of interest could escalate dramatically," he told TechNewsWorld.

"We are essentially in a cyber cold war, and many of the same factors still apply regarding escalation of hostilities and the overall desire to avoid an actual war as a result of ongoing activities," Barracuda's Tanner added. "Countries will continue to push the boundaries, but a major increase in attacks runs the risk of being seen as an act of war, which no country wants."

John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News.
