Researchers Discover Three-Way Cyberattack by Chinese Military Actors against Southeast Asian Telcos (securityweek.com)
wiredmikey shares a report from SecurityWeek:
Researchers have discovered three separate Chinese military affiliated advanced threat groups simultaneously targeting and compromising the same Southeast Asian telcos. The attack groups concerned are Soft Cell, Naikon, and a third group, possibly Emissary Panda (also known as APT27)...
Cybereason released details of a triple-pronged attack by Chinese military-affiliated groups against cellular network providers in southeast Asia. Disturbingly, Yonatan Striem-Amit, CTO and co-founder of Cybereason, told SecurityWeek, "We discovered and have evidence that Chinese advanced groups have been using the Hafnium zero-days since at least 2017." Cellular networks are a prime target for nation states because they provide an excellent steppingstone to many other types of attack and different targets. "At this point," said Striem-Amit, "the attacks seem to be a stepping point for a major espionage campaign. We all carry a device in our pocket that knows where we are, where we have been, and who we are with...."
The surprising feature, apart from their stealthy duration, is that three groups, all associated with the Chinese government and often sharing tactics, techniques and procedures, have attacked the same targets at the same time — and have even been seen on the same endpoints simultaneously. It is consequently unclear whether the groups were separately instructed to target telcos, or whether they were being guided from a single source within the Chinese military... The one thing that is clear is that telcos are a major target for China, and that it has had knowledge of and has used serious Exchange zero-day vulnerabilities for many years.
South-East Asia typically refers to (Score:2)
Cambodia, Laos, Myanmar, Malaysia, Thailand, Vietnam, Indonesia, Philippines, Singapore, and IprobablyMissedOne.
Are these the nations they are referring to?
Re: (Score:2)
Cambodia, Laos, Myanmar, Malaysia, Thailand, Vietnam, Indonesia, Philippines, Singapore, and IprobablyMissedOne.
Are these the nations they are referring to?
Hmm... Not sure if a paradox is more likely if that last one actually does or doesn't exist ...
Re: (Score:2)
Re: (Score:3)
Wikipedia says [wikipedia.org] it's Brunei, Cambodia, East Timor, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand, Vietnam.
This is getting confusing (Score:3)
Three-way cyberattack, eh? Isn't that a category on adult sites?
Re: (Score:2)
Three-way cyberattack, eh? Isn't that a category on adult sites?
It's the *worst* three-way. Zero stars, Do Not Recommend.
" triple-pronged attack by Chinese (Score:2, Troll)
Poor little China... (Score:4, Insightful)
Why does nobody want to be their friend...?
Oh right, it's shit like this.
Result should be that Huawei and other CCP (Score:2)
controlled tech companies should get banned from these countries.
Re: (Score:3)
But are there really any Chinese companies that aren't controlled by the CCP? I think the only difference is how blatant the control is. Xi has recently been making examples of various billionaires that thought they can act independently; as a result I don't believe any Chinese company would dare today oppose any "request" from the state, military or intelligence agencies. Given that, singling out Huawei but allowing Xiaomi or others is rather silly.
Re: (Score:1)
Which is worse, the corporate tech giants or government? Who mass censors, who spies on you without a warrant, who denies you existence as a human being, who bombards you with messaging demanding you consume more and then chastises you for doing so, who data mines your private, who corrupts democracy the most? Hey wait up, I know the answer to that, who is fucking worse than Government, yes, the big tech corporations are by far the worst. Would I trust their research? NO, they lie all the fucking time.
Prove
Enough with the anti-commie BS !!! (Score:1)
Big brother. (Score:1)
More info needed (Score:1)
I looked through the article. A couple of questions came to mind. Are the attacked telcos using Huawei gear? If they are, does it mean Huawei gear is "safe" since they had to attack via other means?
Anyone know which telcos in which countries? That may be even more interesting to know, cos some of the Southeast Asian nations are pro-China, some are not. Wonder which nation's telcos were attacked.