• Follow us

Technology

Chinese Hackers Linked to Global Attacks on Telcos | Hacking

By John P. Mello Jr. Jun 26, 2019 10:04 AM PT

Security researchers on Monday reported that Chinese hackers are the likely perpetrators of a series of cyberattacks against telecommunications companies around the world.

The campaign, dubbed "Operation Soft Cell," has been active since 2012, according to Cybereason, an endpoint security company based in Boston.

There is some evidence suggesting even earlier activity against the telecommunications providers, all of whom were outside North America, the researchers said.

The attackers attempted to steal all data stored in the active directory servers of the organizations, including all usernames and passwords in the companies, as well as other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users, and more, according to the report.

Based on the tools used in the attacks, such as PoisonIvy RAT, and the tactics, techniques and procedures deployed by the attackers, the campaign likely was run by APT10, a notorious group of Chinese hackers, the researchers pointed out.

The U.S. Justice Department last year indicted two members of APT10 for conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft.

There is some solid evidence APT10 was behind the attacks, such as the way they customized PoisonIvy and the idiosyncratic bread crumbs they left behind, said Sam Curry, chief security officer at Cybereason.

"The way the customization is done, the way they write the scripts, is the sort of thing we've seen time and again," he told TechNewsWorld. "There's a high probability that it's a Chinese hacker."

Alarming Attack

The hackers attacked organizations in waves launched over a period of months, the report notes. During that time, they were able to map the target networks and compromise credentials. That enabled them to compromise critical assets -- such as production and database servers, and even domain controllers.

"Beyond targeting individual users, this attack is also alarming because of the threat posed by the control of a telecommunications provider," the report states. "Telecommunications has become critical infrastructure for the majority of world powers. A threat actor with total access to a telecommunications provider, as is the case here, can attack however they want passively and also actively work to sabotage the network."

The attack has widespread implications -- not just for individuals, but also for organizations and countries alike, the Cybereason researchers said.

"The use of specific tools and the choice to hide ongoing operations for years points to a nation state threat actor, most likely China," they wrote. "This is another form of cyber warfare being used to establish a foothold and gather information undercover until they are ready to strike."

There are similarities between Operation Soft Cell and another telecom attack, suggested Lavi Lazarovitz, a cyber research group manager at CyberArk Labs, an information security company based in Newton, Massachusetts.

"This widespread attack on telecommunications companies has similar characteristics to Operation Socialist," he told TechNewsWorld.

Operation Socialist -- a CIA and British GCHQ campaign revealed by Edward Snowden -- attempted to take control of the Belgian telecommunications company Belgacom.

"It leverages privileged accounts and probably shadow admins to allow persistency and control," Lazarovitz said.

Useful Information

Information reaped by campaigns like Operation Soft Cell can be invaluable to a foreign intelligence service, noted Jonathan Tanner, a senior security researcher at Barracuda Networks, based in Campbell, California.

"Tracking a target's daily routines alone can be useful for a number of motivations, ranging from enumerating contacts to asset recruitment, to abduction or assassination," he told TechNewsWorld.

That sort of work traditionally is carried out by surveillance teams, but with technology it's becoming increasingly easy to gain that information by other means with significantly less manpower, Tanner explained.

"The irony with this breach is that many carriers actually sell this data anyway, through third parties such as Zumigo, who then resell it without checking into their buyers backgrounds," he said.

Stolen data from telcoms can be valuable to more than just Chinese intelligence agencies.

"This type of attack would greatly help Huawei in their fight to control as much of the 5G space as possible," said Jonathan Olivera, a threat analyst for Centripetal Networks, a network security company in Herdon, Virginia.

"When a country like China relies on surveillance and intellectual property theft to keep its momentum going, it will be hard to stop and prevent expansion," he told TechNewsWorld.

Familiar Playbook

The breadth and persistence of the attacks aren't the only discouraging characteristics of Operation Soft Cell.

"This plays out like every other hack that we've heard about in a major organization for years and years and years," said Chet Wisniewski, principal research scientist at Sophos, a network security and threat management company based in the UK.

"It's clear that these big companies are not taking this stuff seriously enough, especially the ones that have sensitive information about us. The giant role these companies play in our lives demands that they take security more seriously," he told TechNewsWorld.

"The stuff that these guys did was stuff any skilled pen tester would do," Wisniewski said.

"The attacks didn't have any super secret stuff. There were no new zero-day vulnerabilities here -- no new tools that no one had ever heard of before. All the stuff was off the shelf. I could teach a college student to how to use it in a semester," he said.

"We know this playbook," Wisniewski added, "and big companies should be able to defend against it."

Cold War in Cyberspace

Campaigns like Operation Soft Cell are likely to continue without abatement, noted Satya Gupta, CTO of Virsec, an applications security company in San Jose, California.

"These attacks will continue for the foreseeable future, as long as there is political tension and unrest in any number of regions," he told TechNewsWorld. "Infrastructure attacks on all sides are trying to sow uncertainty, which has both political and financial value to the perpetrators."

As for China, it seems content with economic espionage, for the most part, but that could change in the future, too.

"As long as we're involved in trade wars, I'm not as worried as if China starts to feel threatened about its sphere of influence," said Richard Stiennon, chief research analyst at IT Harvest, an industry analyst firm in Birmingham, Michigan.

"If it's trade wars, China's target of interest will be the same as it's always been: economic espionage. If it's sphere-of-influence stuff, then the targets of interest could escalate dramatically," he told TechNewsWorld.

"We are essentially in a cyber cold war, and many of the same factors still apply regarding escalation of hostilities and the overall desire to avoid an actual war as a result of ongoing activities," Barracuda's Tanner added. "Countries will continue to push the boundaries, but a major increase in attacks runs the risk of being seen as an act of war, which no country wants."

John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News. Email John.

Read More



Leave A Comment

More News

TechNewsWorld

Clean Energy Solutions to Lower Your Electric Bill 2019-07-01 14:47:21Utility bills can get astronomical in the summer and winter. You can reduce those costs and your carbon footprint by signing up for Arcadia Power. Acc

The Democratic Debate That Wasn't: How Tech Could 2019-07-01 08:43:36I watched the Democratic debates last week and was struck by three things: I'd likely rather watch paint dry; the application of technology to improv

NSA Admits Improper Collection of Phone Data, 2nd 2019-06-27 05:39:54The ACLU has released documents showing the NSA improperly collected Americans' call and text logs in November 2017 and in February and October 2018.

Chinese Hackers Linked to Global Attacks on Telcos 2019-06-26 13:04:05Chinese hackers likely are responsible for a series of cyberattacks against telecommunications companies around the world, security researchers have r

Next-Gen Raspberry Pi 4 Packs Power Plus Potential 2019-06-25 13:59:05The next big Raspberry Pi thing is now here, with lots more computing power and more options. The Raspberry Pi Foundation has announced the availabili

Proposed Law Would Force Big Tech to Reveal 2019-06-25 06:15:22A Democrat and a Republican have filed a U.S. Senate bill to require companies to report to financial regulators and to the public what consumer data

6 Things We Won't Be Able to Live 2019-06-24 14:53:38Things rarely happen as fast as we think or progress as slowly as we hope. We all thought we'd have flying cars by the end of last century, for insta

Uber Drones to Make Meal Drops This Summer 2019-06-21 05:57:31Uber Elevate, the aerial arm of rideshare service Uber, will test a fast food delivery by drone service later this summer in San Diego. Delivery dest

Firefox Users Warned to Patch Critical Flaw 2019-06-20 06:23:16Firefox users should update their browsers immediately to fix a critical zero-day vulnerability. Anyone using Firefox on a Windows, macOS or Linux des

In Zuck We Trust: Facebook to Launch Own 2019-06-19 13:37:13Facebook's plans to mint its own digital coin will test the company's consumer credibility. After being savaged for months for its cavalier attitude

Instagram Targets Account Hijacking 2019-06-18 13:42:04Account hijacking has become a nettlesome problem at Instagram so it has decided to do something about it. The social media company has begun testing

Improving Digital Literacy in the Workplace 2019-06-17 18:50:57It's anticipated that in the next five years 90 percent of the workforce will require at least basic computer skills, such as using email or company

PCWorld

Best robot vacuums: We name the most effective 2019-07-02 06:00:00Vacuuming is one of the most hated household chores. Here are your best choices for outsourcing it to some automated help.

Ecovacs Deebot 500 review: This budget-priced household helper 2019-07-02 06:00:00With app control plus Amazon Alexa and Google Assistant support, this robot vacuum packs a punch for the price.

Four reasons to buy an Always-Connected PC 2019-07-01 23:00:00 Laptops have always been a perfect blend of portability and power, making them the ideal solution for working whether you’re at home, in the of

The five devices you need to work anytime 2019-07-01 23:00:00The modern workplace is more flexible than ever before. This is mainly thanks to high-speed internet connections and the huge advancements in mobile t

Microsoft's fall release of Windows 10 will be 2019-07-01 18:25:00If you’ve been wondering what Microsoft’s next feature release of Windows 10—19H2—has in store, the answer is: not much.Micros

Tobii lands former Intel PC chip VP to 2019-07-01 17:51:00Eye-tracking tech provider Tobii said Monday that it has named Anand Srivatsa, the former vice president of Intel’s Client Computing Group, as T

Best power banks of 2019: The top USB 2019-07-01 13:24:00Anyone who uses a smartphone knows the importance of carrying a backup power bank. But given the large number of options on Amazon, you might feel ove

Best cheap laptops: We rate the best-sellers on 2019-07-01 10:05:00When you’re looking for a good, cheap laptop, knowledge is power. Every budget machine (which we’re defining as Windows laptops costing $5

OmniCharge Omni 20+ Power Bank review: A one-stop 2019-07-01 06:30:00The OmniCharge Omni 20+ is a successful follow up to the Omni 20, simply because OmniCharge no longer has different models of the same charger with di

Bose Home Speaker 300 review: A versatile smart 2019-07-01 06:00:00The newest (and smallest) addition to Bose’s smart speaker line sounds sweet, speaks both Amazon Alexa and Google Assistant, and encourages the

Best smart speakers: Which deliver the best combination 2019-07-01 06:00:00With models based on Alexa, Google Assistant, Siri, Cortana, and others to come, we’ll help you find just the right model for you.

LG Gram 2-in-1 review: A convertible laptop with 2019-07-01 06:00:00Convertible laptops usually come with more compromises than the LG Gram 2-in-1 does.Despite having a 14-inch screen, the LG Gram 2-in-1 (model 14T990)

FOX News

Facebook buildings evacuated after mail tests positive for 2019-07-01 16:47:27Four buildings that receive and mail for social media giant Facebook were evacuated Monday after a bag of mail tested positive for the nerve

Soldiers use AI to fire precision grenades, guide 2019-07-01 15:50:32The Pentagon’s research and technology arm is testing a “breakthrough” AI-enabled technology for dismounted mobile combat units that

Tiny robots are ‘dominating space’ 2019-07-01 15:30:19China calls them scavengers, Russia calls them inspectors and the US calls them threats.

Civil rights activists slam Facebook's 'insufficient' attempts to 2019-07-01 12:48:20Facebook's latest update on its ongoing companywide civil rights audit has been criticized by activists who say that the social network needs to do m

Facebook cryptocurrency, life-saving smartphones and more: Tech Q&A 2019-06-30 07:00:55Please help me solve a debate. I say my smart TV can get bit by malware and viruses. My buddy says I am a dope. Who’s right? A six-pack is ridin

4 chilling lessons from a tech hotline scam 2019-06-29 07:00:32Some people think they’re immune to cybercriminals. “I’m not even on their radar,” they think. “What are the chances tha

Seedy app that 'undressed' women sparks backlash, taken 2019-06-28 15:36:41A seedy app that used a type of artificial intelligence to “undress” images of clothed women has been taken offline by its developers.

Apple moves production of $6G Mac Pro to 2019-06-28 09:50:19Apple is manufacturing its new Mac Pro computer in China, according to people familiar with its plans, shifting abroad production of what had bee

Google Maps can now tell you how bad 2019-06-28 09:35:00Three weeks after Google announced Google Maps updates to help you stay safe in the event of a natural disaster, the company detailed a solution for a

iPhone designer Jony Ive to leave Apple for 2019-06-28 08:38:38(Photo by Qi Heng/VCG via Getty Images) Jony Ive, the major designer behind the iPhone, is leaving Apple later this year to start his own company.

Google wants next billion users, but has no 2019-06-17 11:09:24Google CEO Sundar Pichai said his company doesn't have plans to launch in China, but that doesn't mean the tech giant wants to ignore its hundreds o

Amazon slams AOC claim for saying it pays 2019-06-17 10:06:59Amazon on Monday fired back at Rep. Alexandria Ocasio-Cortez, D-N.Y. after she claimed that the tech giant pays its warehouse workers "starvation wag

TechCrunch

Daily Crunch: FaceTime gets an eye contact upgrade 2019-07-03 14:09:24The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox ever

Amazon responds to a U.S. Senator’s inquiry, confirms 2019-07-03 13:55:25Amazon has responded to a letter of inquiring it received from U.S. Senator Chris Coons (D-DE) which asks the company to detail what happens to custom

Capital One CTO George Brady will join us 2019-07-03 13:30:20When you think of old, giant mainframes that sit in the basement of a giant corporation, still doing the same work they did 30 years ago, chances are

Boeing pledges $100M to families of 737 Max 2019-07-03 13:26:27Boeing has said it will offer $100 million to the families and communities of those who died aboard the two 737 Max passenger jets that crashed earlie

E.ventures, the global early-stage venture fund, has raised 2019-07-03 12:38:57The firm e.ventures, a 20-year-old, early-stage venture outfit that has historically invested out of dedicated funds in numerous geographies, includin

Colonna call, timing a VC pitch, WeChat, patents, 2019-07-03 12:33:31Editor’s Note: Shortened week Due to the U.S. Independence Day holiday this week on July 4th, Extra Crunch will not be publishing our normal edi

‘Jurassic World: Fallen Kingdom’ director to helm first 2019-07-03 12:25:32Amazon’s Jeff Bezos seems to be really hoping that his streaming service’s forthcoming Lord of the Rings original series can match Game of

Verified Expert Lawyer: Sophie Alcorn 2019-07-03 12:05:59Sophie Alcorn founded her own immigration-focused boutique law firm a few years ago, that has quickly become a go-to resource for founders and tech wo

What everyone at a startup needs to know 2019-07-03 12:04:38The immigration process in the U.S. has become a high-stakes undertaking for employers, workers, and entrepreneurs. Predictability has eroded. Process

App revenue tops $39 billion in first half 2019-07-03 11:41:52App store spending is continuing to grow, although not as quickly as in years past. According to a new report from Sensor Tower, the iOS App Store and

Reliance Jio partners with Facebook to launch literacy 2019-07-03 11:03:12Mukesh Ambani, India’s richest man, has enabled tens of millions of people — if not more — to come online for the first time with hi

Samsung’s Galaxy Fold problems are reportedly fixed — 2019-07-03 10:58:54In a recent interview, Samsung CEO DJ Koh noted that the company was hard at work on Galaxy Fold fixes (he also said people won’t be using smart

Thetechhacker

Google has open-sourced its ‘Web Crawler’ after two 2019-07-02 04:57:50If you are a web developer or publisher, you would have heard about robots.txt. For the people who are unaware, Robots.txt is Google’s Robot Exc

Samsung announces Galaxy Note 10 ‘Unpacked’ launch event 2019-07-02 02:39:00Samsung has finally announced the launch date of its upcoming flagship in the Note series. After last year’s Galaxy Note 10, we will see the Sam

Monday.com Review – Visually stunning work management platform 2019-07-01 11:14:49Managing a project is a hard task. It involves so many meetings, deadlines, progress tracking, employee management, and many more. To run a project sm

Beecaro Teatro BM03 is an IPX5-rated Bluetooth Speaker 2019-07-01 07:52:43We all know that everyone loves music, be it the old generation or the younger generation. Therefore, the one thing that we have in common are speaker

OpenID Foundation says users exposed to security and 2019-07-01 03:06:45At the recent Apple WWDC 2019 event, we heard about a lot of new features from Apple. There were many features related to privacy and security announc

Microsoft Teams found vulnerable to download and run 2019-06-29 02:56:01We know that no software is perfect and there are nuances and security vulnerabilities to each one of them. But we know that some software apps are mo

Google awarded a patent for foldable device which 2019-06-29 02:23:48We have seen all kinds of designs for foldable smartphones as well as foldable devices in general. Also, Samsung’s Galaxy Fold and Huawei Mate X

Recover Your Corrupted GoPro Video that Won’t Play 2019-06-28 13:44:41It’s the end of June already and we’re quickly approaching the middle of the summer – a great time to take a vacation and go traveli

Hackers are exploiting Microsoft Excel’s features for their 2019-06-28 03:21:39Microsoft Excel is one of those products from Microsoft that is the most boring for some and very interesting for others. Now, the people who find it

Your Google Maps can now predict how crowded 2019-06-28 03:03:04One of the most used services in recent times by everyone is Google Maps. We know that Google’s Maps beat the Apple Maps and other similar servi

Pentagon has a laser to identify people from 2019-06-28 02:45:46One fact that humans have is that everyone has a different heartbeat pattern. This is similar to have a different iris as well as a fingerprint. These

WhatsApp may soon let you share Status directly 2019-06-27 03:32:49We have known that you can share your Instagram Status to WhatsApp and Facebook. However, there is currently no ability to do the same on WhatsApp. In

SlashGear

Logitech teases a gaming headphone team up with 2019-07-03 14:33:44About a year ago, Logitech announced that it was buying Blue, which is a pretty common name in the content creator space. Blue is known primarily for

Facebook is down, WhatsApp and Instagram also hairy 2019-07-03 13:25:06What’s the deal with Facebook right now – and what’s happening with WhatsApp and Instagram? Several major social networks were effec

Fortnite patch notes detail Drum Shotgun at long 2019-07-03 13:18:48If there’s a trend with recent Fortnite patches, it’s shaping up to be one of shotguns. Last week’s patch reintroduced the Pump Shot

VW trained AIs to design better 3D printed 2019-07-03 12:46:20Car design may still be led by the heart, not the head, but VW is experimenting with artificial intelligence that could dramatically change how compon

Canon IVY REC is pretty much a new 2019-07-03 12:32:22The folks at Canon have a new camera they want you to see, a camera that’ll go with you wherever you like, clipped to your belt loop. This camer

Pokemon GO update today: Surprise Legendary Raid Hour! 2019-07-03 12:16:50This morning Niantic made mention of a very impromptu update for the game Pokemon GO as of this evening. This update to the game will likely happen en

Chrome just made online shopping much easier: What 2019-07-03 12:01:02Google announced today that it will make it easier to access your payment information within Chrome regardless of the device you’re using. Now,

Watch the Tesla Model 3 crash tests that 2019-07-03 10:47:38The Tesla Model 3 has aced European crash safety testing, with the most affordable car in the EV automaker’s line-up grabbing five stars out of

FaceTime in iOS 13 will use AR to 2019-07-03 10:25:15Video chat like FaceTime is a useful feature for a lot of people, but it can paradoxically end up feeling a little bit impersonal due to the simple fa

Hubble and Spitzer team to identify exoplanet atmosphere 2019-07-03 10:21:50Two of NASA’s space telescopes have teamed up to identify, for the first time, the chemical fingerprint of a planet between the sizes of Earth a

Renault shows off all-new Captur SUV and a 2019-07-03 09:47:07Renault has a new SUV that it is showing, the all-new Captur, and Renault has crammed a bunch of new features and technology into the car. The automak

Hubble celebrates 4th of July with celestial fireworks 2019-07-03 08:45:49The Hubble space telescope is still orbiting and looking at the incredible events that are happening in the universe around us. With the 4th of July c

Electrek

Tesla Model 3 aces crash test, sets ‘new 2019-07-03 04:00:43 The European New Car Assessment Programme (Euro NCAP) has released safety and crash test results for new vehicles, including the Tesla Model 3, which

Tesla smashes global delivery record with over 95,000 2019-07-02 16:21:51 Tesla released its Q2 2019 delivery and production numbers today and the company smashed its previous record by almost 5,000 cars. The stock price (T

Batteries are making their way into cruise ships 2019-07-02 13:55:38 We have already seen ships going all-electric, but they are mainly ferries operating over short distances. Now we are seeing batteries making their w

India’s Ola Electric EV unit reaches unicorn status 2019-07-02 13:23:52 India’s Ola Electric, the dedicated EV unit of ridesharing company Ola, has reportedly reached unicorn status after a recent round of funding v

Jackery’s new solar-compatible power stations start at $179, 2019-07-02 13:18:04 Today only, Home Depot offers the new Jackery by Honda 208W Mobile Power Station for $179 shipped. Regularly $249, this is the first discount we

Tesla loses three vice presidents in a week 2019-07-02 12:23:41 Another Tesla vice president left the company this week, making it the third VP-level departure from Tesla in about a week. more… Subscribe to

Honda e electric motor details revealed along with 2019-07-02 10:46:45 Honda has released some new information about its upcoming Honda E electric car, including more on its electric motor. more… Subscribe to Ele

Watch POV video of Zero SR/F electric motorcycle 2019-07-02 10:39:49 Zero Motorcycles entered their new 2019 SR/F electric streetfighter motorcycle in the Heavyweight Motorcycle division of the Pikes Peak International

Watch Tesla Supercharger V3 add 100 miles of 2019-07-02 10:13:45 Now that Tesla’s new Supercharger V3 charging stations are opening up to the public, more Model 3 owners are using them and bringing back real-

This dangerous looking two-person electric scooter wants to 2019-07-02 09:27:22 What would happen if you stretched a standard electric scooter to nearly twice its normal length and added a second handlebar? You’d get the BO

Volkswagen exec on ID.3, new electric cars: Tesla 2019-07-02 09:03:34 A new interview with Volkswagen’s chief marketing officer reveals some of the reasoning behind the carmaker’s electric car strategy, incl

EGEB: LA’s ‘revolutionary’ record low solar price, US 2019-07-02 08:45:59 In today’s EGEB: Los Angeles readies a record low solar price (with battery) that could be a game changer. The largest US commercial insurance


Disclaimer and Notice:WorldProNews.com is not responsible of these news or any information published on this website.