China Communications Security

Researchers Discover Three-Way Cyberattack by Chinese Military Actors against Southeast Asian Telcos (securityweek.com) 18

wiredmikey shares a report from SecurityWeek: Researchers have discovered three separate Chinese military affiliated advanced threat groups simultaneously targeting and compromising the same Southeast Asian telcos. The attack groups concerned are Soft Cell, Naikon, and a third group, possibly Emissary Panda (also known as APT27)...

Cybereason released details of a triple-pronged attack by Chinese military-affiliated groups against cellular network providers in southeast Asia. Disturbingly, Yonatan Striem-Amit, CTO and co-founder of Cybereason, told SecurityWeek, "We discovered and have evidence that Chinese advanced groups have been using the Hafnium zero-days since at least 2017." Cellular networks are a prime target for nation states because they provide an excellent steppingstone to many other types of attack and different targets. "At this point," said Striem-Amit, "the attacks seem to be a stepping point for a major espionage campaign. We all carry a device in our pocket that knows where we are, where we have been, and who we are with...."

The surprising feature, apart from their stealthy duration, is that three groups, all associated with the Chinese government and often sharing tactics, techniques and procedures, have attacked the same targets at the same time — and have even been seen on the same endpoints simultaneously. It is consequently unclear whether the groups were separately instructed to target telcos, or whether they were being guided from a single source within the Chinese military... The one thing that is clear is that telcos are a major target for China, and that it has had knowledge of and has used serious Exchange zero-day vulnerabilities for many years.

  • Cambodia, Laos, Myanmar, Malaysia, Thailand, Vietnam, Indonesia, Philippines, Singapore, and IprobablyMissedOne.

    Are these the nations they are referring to?

    • Cambodia, Laos, Myanmar, Malaysia, Thailand, Vietnam, Indonesia, Philippines, Singapore, and IprobablyMissedOne.
      Are these the nations they are referring to?

      Hmm... Not sure if a paradox is more likely if that last one actually does or doesn't exist ...

    • by Jzanu ( 668651 )
      You definitely missed Brunei. And possibly Bangladesh depending on how much emphasis is on south and how much is on the east part of your reference.
    • wikipedia says [wikipedia.org] it's Brunei, Cambodia, East Timor, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand, Vietnam.

  • by DontBeAMoran ( 4843879 ) on Saturday August 07, 2021 @03:07PM (#61667523)

    Three-way cyberattack, eh? Isn't that a category on adult sites?

    • Three-way cyberattack, eh? Isn't that a category on adult sites?

      It's the *worst* three-way. Zero stars, Do Not Recommend.

  • military-affiliated" Let me guess Apple, Facebook and Google
  • by suss ( 158993 ) on Saturday August 07, 2021 @04:16PM (#61667673)

    Why does nobody want to be their friend...?

    Oh right, it's shit like this.

  • controlled tech companies should get banned from these countries.

    • But are there really any Chinese companies that aren't controlled by the CCP? I think the only difference is how blatant the control is. Xi has recently been making examples of various billionaires that thought they can act independently; as a result I don't believe any Chinese company would dare today oppose any "request" from the state, military or intelligence agencies. Given that, singling out Huawei but allowing Xiaomi or others is rather silly.

      • by rtb61 ( 674572 )

        Which is worse, the corporate tech giants or government. Who mass censors, who spies on you without a warrant, who denies you existence as a human being, who bombards you with messaging demanding you consume more and then chastises you for doing so, who data mines your private, who corrupts democracy the most. Hey wait up, I know the answer to that, who is fucking worse than Government, yes, the big tech corporations are by far the worst. Would I trust their research NO, they lie all the fucking time.

        Prove

  • Did all three try and type on the one keyboard [youtube.com] at the same time :]
  • Yeah they even have a proxy in their base station soft because you must have active queue management well congestion control and other features hehe.
  • I looked thru the article. A couple of questions came to mind. Are the attacked telcos using Huawei gear? If they are, does it mean Huawei gear is "safe" since they had to attack via other means?

    Anyone know which telcos in which countries? That may be even more interesting to know, cos some of the South East Asian nations are pro China, some are not. Wonder which nation's telcos were attacked.