Chinese hackers have attacked global telecommunications companies to siphon off hundreds of gigabytes of data, according to an investigation by security company Cybereason.
The long-running hacking campaign, which has breached about 10 cellular providers in Africa, Europe, the Middle East and Asia, bears all the hallmarks of an intelligence operation, Cybereason researchers said. In one instance, the spies targeted roughly 20 customers of a cellular provider.
Cybereason declined to name the breached telecommunications providers, but said they had hundreds of millions of customers in total.
Cybereason analysts found hacking tools such as a modified web shell and a remote access trojan that are commonly associated with, but not unique to, Chinese hackers. While not ruling out a possible false flag or copycat, the analysts concluded with a “high level of certainty” that the campaign was state-sponsored and affiliated with China.
SCADA operators, using leased services should re-evaluate potentials impacts to supply chain and potential impacts to resiliency, especially for leased services from telecoms.