According to a U.S. cybersecurity company Crowdstrike, a hacking group with suspected ties to China burrowed into mobile telephone networks around the world and used specialized tools to grab calling records and text messages from telecommunication carriers.
CrowdStrike said the group, which it dubbed LightBasin, had been acting since at least 2016, but had more recently been detected wielding tools that are among the most sophisticated yet discovered.
Telecoms companies have long been a top target for nation-states, with attacks or attempts seen from China, Russia, Iran, and others. The United States also seeks access to calling records, which show which numbers called each other, how often and for how long.
CrowdStrike Senior Vice President Adam Meyers said his company gleaned the information by responding to incidents in multiple countries, which he declined to name. The company on Tuesday published technical details to let other companies check for similar attacks.
Meyers said the programs could retrieve specific data unobtrusively. "I've never seen this degree of purpose-built tools," he said.
While assuring that his team is not accusing Chinese government said that the attacks had connections to China including cryptography relying on Pinyin phonetic versions of Chinese language characters, as well as techniques that echoed previous attacks by the Chinese government.
The U.S. Cybersecurity and Infrastructure Security Agency also said that they are aware of the CrowdStrike report and will continue to work closely with U.S. carriers.
"This report reflects the ongoing cybersecurity risks facing organizations large and small and the need to take concerted action," an official said through a spokesperson.
He added "Common sense steps include implementing multifactor authentication, patching, updating software, deploying threat detection capabilities, and maintaining an incident response plan."
Image Courtesy: CNBC