Cybereason exposes Chinese threat actors compromising telecommunications providers
DeadRinger Research highlights attack trends leveraging third-party service providers to compromise multiple targets .
Cybereason , a leader in operation-centric attack protection , has announced the discovery of several previously unidentified cyberattack campaigns infiltrating major telecommunications providers across Southeast Asia .
Similar to the recent SolarWinds and Kaseya attacks , the threat actors first compromised thirdparty service providers – but in this case instead of using them to deliver malware through a supply chain attack , the intent was to leverage them to conduct surveillance of their customers ’ confidential communications .
The report comes on the heels of the Biden administration ’ s public rebuke of China ’ s Ministry of State Security for the recent HAFNIUM attacks that exploited vulnerabilities in unpatched Microsoft Exchange Servers and put thousands of organizations worldwide at risk . Exploitation of these same vulnerabilities were central to the success of the attacks detailed in this research .
In the report , titled DeadRinger : Exposing Chinese Threat Actors Targeting Major Telcos , multiple
THE ATTACKS ARE VERY CONCERNING BECAUSE THEY UNDERMINE THE SECURITY OF CRITICAL INFRASTRUCTURE PROVIDERS .