What you need to know
- Cybereason has discovered a massive cyber-espionage campaign that has been targeting cellular networks for seven years.
- Nearly a dozen cellular networks have been hacked so far, allowing hackers to steal massive amounts of sensitive data.
- The cybersecurity company believes there is a "very high probability" of the hackers being backed by a nation-state.
An investigation conducted by researchers at Cybereason, a Boston-based cybersecurity company, has revealed that hackers have broken in to more than 10 cellular networks across Asia, Africa, Europe, and the Middle East. The "massive-scale" cyber-espionage involved stealing gargantuan amounts of sensitive data, including call records and geolocation data.
According to the security researchers at Cybereason, hackers managed to break into about a dozen carriers by exploiting vulnerabilities on their public web servers to access the internal network. They then attempted to gain access to other computers on the network with the help of stolen credentials until they eventually made their way to the domain controller. Access to the domain controller not only lets the hackers get to the call detail record database but also gives them control over the entire network. Interestingly, the hackers obtained hundreds of gigabytes of data about a small group of about 20 customers of a cellular provider in one instance, pointing at targeted surveillance.
They would exploit one machine that was publicly accessible through the internet, dump the credentials from that machine, use the credentials stolen from the first machine and repeat the whole process several times.
While Cybereason first detected the cyber-espionage campaign only a year ago, the company says that the attacks have been happening for seven years. The tools used by the hackers seem to hint at a connection to China's APT10 hacking group. Cybereason believes it is also possible that the hackers might be trying to frame APT10 as the culprit, since those tools are publicly available to everyone.
Given the sensitivity of the issue, the company hasn't named any cell network that has been targeted by the hackers. However, it did reach out to the affected networks and recommended them to implement a few fixes to ensure hackers are not able to intrude their internal networks again. Even though the hackers continue to attack more companies, the researchers at Cybereason have not found any instances of hackers attempting to attack North American carriers yet.
While China and U.S. have agreed to resume trade talks ahead of the G20 meeting in Japan, the U.S. government maintains that Chinese equipment makers such as Huawei pose a national security risk. After accusing Huawei of working with China's spy agencies, the Trump administration finally issued an executive order last month, banning U.S. companies from doing business with companies placed on the Entity List. Even though the ban has been temporarily eased, it is expected to come into full effect on August 20.
We may earn a commission for purchases using our links. Learn more.
Here's why Google probably won't release a 'true flagship Pixel' next March
Google is really bad at keeping secrets and one this big is no exception. Sorry, but you're going to be waiting until next October for any new "flagship" Pixel phone.
These are the very best Android TVs you can buy in 2020
Android TV is a sleek and powerful smart TV operating system, and these TVs ship with it built right in. Here are the best Android TVs you should consider and why they're so great!
Remembering Google Play Music: A mixtape for my favorite streaming service
After years of calling the service dead, it finally happened. Google's original music service has shut down, and I believe the best way to process that grief and emotion is through another age-old musical tradition: the mixtape.
The Galaxy Note 20 Ultra is Verizon's best phone
There's nothing quite like a new phone on America's top-rated network, and the Galaxy Note 20 Ultra is a smash hit. While it's arguably the best phone on Verizon right now, there are a lot of other great options.