Researchers identify global telecoms hacking operation likely involving China

US cyber security vendor Cybereason says it has uncovered ‘a worldwide campaign against telecommunications providers’ that it reckons involves the Chinese state.

Scott Bicheno

June 25, 2019

2 Min Read
Researchers identify global telecoms hacking operation likely involving China

US cyber security vendor Cybereason says it has uncovered ‘a worldwide campaign against telecommunications providers’ that it reckons involves the Chinese state.

The findings were published in a blog today, but the malicious activity was first discovered last year and seems to have been going since 2017. It talks of ‘an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with the Chinese-affiliated threat actor APT10.’

The purpose of the attacks seems to have been to hack into mobile phone networks in order to obtain the CDRs (call detail records) of certain specific people, presumably of political or commercial interest. These CDRs provide a fairly detailed account of an individual’s activities since they offer a lot of geographical information.

The main investigation seemed to focus on one telco client, but according to an interview the researchers did with TechCrunch, at least ten other networks around the world have been subjected to similar attacks over the past seven years. They added that they seem aimed at targeted individuals but declined to name them.

“We’ve concluded with a high level of certainty that the threat actor is affiliated with China and is likely state sponsored” said the Cybereason blog. “The tools and techniques used throughout these attacks are consistent with several Chinese threat actors, specifically with APT10, a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS).”

Presumed malevolent intent by the Chinese state is at the core of much of the aggro Huawei has been dealing with this year and this sort of thing will serve to entrench those presumptions. As ever with espionage it’s very unlikely any ‘smoking gun’ evidence will ever be produced, but the circumstantial evidence is being served up on a regular basis.

About the Author

Scott Bicheno

As the Editorial Director of Telecoms.com, Scott oversees all editorial activity on the site and also manages the Telecoms.com Intelligence arm, which focuses on analysis and bespoke content.
Scott has been covering the mobile phone and broader technology industries for over ten years. Prior to Telecoms.com Scott was the primary smartphone specialist at industry analyst Strategy Analytics’. Before that Scott was a technology journalist, covering the PC and telecoms sectors from a business perspective.
Follow him @scottbicheno

Subscribe and receive the latest news from the industry.
Join 56,000+ members. Yes it's completely free.

You May Also Like