Chinese hackers targeted telecoms firms in Southeast Asia, report says
- US-based security company Cybereason says it has identified three clusters of intrusions into the industry since at least 2017
- The attacks have links to actors ‘suspected to be operating on behalf of Chinese state interests’
The firm said it had proactively sought out threat actors after the US, Britain, European Union and others blamed China for sponsoring the massive Microsoft hack discovered earlier this year that compromised tens of thousands of computers and networks.
Beijing rejected the cyberattack claims, saying Washington had “ganged up with its allies to make groundless accusations”, and called on the US and its allies to “stop cybertheft and attacks targeting China”. The foreign ministry said Beijing opposed all forms of cyberattack, and that the US accusations lacked complete evidence in linking the hacking to the Chinese government.
02:44
US, Britain and EU accuse China of sponsoring massive Microsoft email server hack
The attackers aimed to “gain and maintain continuous access to telecommunication providers and to facilitate cyberespionage by collecting sensitive information”, which compromised call record data and network components such as web servers and Microsoft Exchange servers, the report said.
What are the hacking accusations against China?
Analysts from Cybereason said it was likely the hacking attacks were meant to facilitate espionage efforts against specific targets, such as “corporations, political figures, government officials, law enforcement agencies, political activists and dissident factions of interest to the Chinese government”.
Overlaps in the tactics, techniques and procedures (TTPs) used by the hackers indicated a likely a connection between the three actors, suggesting that the groups could have been directed by a centralised coordinating body aligned with Chinese state interests, the report said.
The US Justice Department in July also charged four Chinese citizens with establishing a company that allegedly worked with the Hainan State Security Department to hack into computer systems of companies, universities and government entities in the US and other countries from 2011 to 2018.