Home / News

State-Sponsored Cyberattack Against Telecom Providers Is Targetting Data on Specific Individuals

By CircleID Reporter

The researchers at Cybereason Nocturnus have identified an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with the Chinese-affiliated threat actor APT10. This multi-wave attack is reported to have sought to steal communications data of specific individuals in various countries. In their report released today, Cyberason researchers say:

“The threat actor was attempting to steal all data stored in the active directory, compromising every single username and password in the organization, along with other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users, and more.”

Understanding the motive: “When you think of large breaches to big organizations, the first thing that comes to mind is usually payment data. ... These attacks are usually conducted by a cybercrime group looking to make money. In contrast, when a nation-state threat actor is attacking a big organization, the end goal is typically not financial, but rather intellectual property or sensitive information about their clients. ... obtaining access to this data gives them intimate knowledge of any individuals they wish to target on that network.”

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

 Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

View All Topics