Intelligent CISO Issue 42 | Page 18

cyber trends
DEADRINGER RESEARCH HIGHLIGHTS ATTACK TRENDS LEVERAGING THIRD-PARTY SERVICE PROVIDERS TO COMPROMISE MULTIPLE TARGETS.
Cybereason, a leader in operation-centric attack protection, has announced the discovery of several previously unidentified cyberattack campaigns infiltrating major telecommunications providers across south-east Asia.

Cybereason exposes Chinese threat actors compromising telecommunications providers

Similar to the recent SolarWinds and Kaseya attacks, the threat actors first compromised third-party service providers – but in this case, instead of using them to deliver malware through a supply chain attack, the intent was to leverage them to conduct surveillance of their customers’ confidential communications.
The report comes on the heels of the Biden administration’s public rebuke of China’s Ministry of State Security for the recent HAFNIUM attacks that exploited vulnerabilities in unpatched Microsoft Exchange Servers and put thousands of organisations worldwide at risk. Exploitation of these same vulnerabilities was central to the success of the attacks detailed in this research.
In the report, titled DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos, multiple clusters of attack activity were identified that have evaded detection since at least 2017 and are assessed to be the work of several prominent Advanced Persistent Threat (APT) groups aligned with the interests of the Chinese government.
Cybereason observed a significant overlap in Tactics, Techniques and Procedures (TTPs) across the three operations and assessed that the attackers were likely tasked with parallel objectives under the direction of a centralised co-ordinating body aligned with Chinese state interests.