Hackers have broken into the systems of more than a dozen global telecommunications companies and taken large amounts of personal and corporate data, researchers from a cyber security company said on Tuesday, identifying links to previous Chinese cyber-espionage campaigns.
Investigators at U.S.-Israeli cyber security firm Cybereason said the attackers compromised companies in more than 30 countries and aimed to gather information on individuals in government, law-enforcement and politics.
The hackers also used tools linked to other attacks attributed to Beijing by the United States and its Western allies, said Lior Div, chief executive of Cybereason.
“For this level of sophistication it’s not a criminal group. It is a government that has capabilities that can do this kind of incursion,” he told Reuters.
China has repeatedly denied involvement in any hacking activity.
Cybereason declined to name the companies affected or the countries they operate in, but people familiar with Chinese hacking operations said Beijing was increasingly targeting telcos in Western Europe.
Western countries have moved to call out Beijing for its actions in cyberspace, warning that Chinese hackers have compromised companies and government agencies around the world to steal valuable commercial secrets and personal data for espionage purposes.
Div said this latest campaign, which his team uncovered over the last nine months, compromised the internal IT network of some of those targeted, allowing the attackers to customize the infrastructure and steal vast amounts of data.
In some instances, they managed to compromise a target’s entire active directory, giving them access to every username and password in the organisation. They also got hold of personal data, including billing information and call records, Cybereason said in a blog post.
“They established a perfect espionage environment,” said Div, a former commander in Israel’s military intelligence unit 8200.
“They could lay information as they please on the targets that they are interested in.”
Cybereason said multiple tools used by the attackers had previously been used by a Chinese hacking group known as APT10.
The United States indicted two alleged members of APT10 in December and joined other Western countries in denouncing the group’s attacks on global technology service providers to steal intellectual property from their customers.
The company said on previous occasions it had identified attacks it suspected had come from China or Iran but it was never certain enough to name these countries.
Cybereason said: “This time as opposed to in the past we are sure enough to say that the approach originated in China.”
“We managed to find not just one piece of software, we managed to find more than five remarkable tools that this specific group used,” Div said.