An unknown group of hackers has reportedly infiltrated over 10 major telecommunications providers worldwide. The massive-scale hack has apparently remained undetected for years. The espionage attempt is believed to be targeting at least 20 high-profile individuals.
Security firms, which have dubbed the forced infiltration as "operation soft cell," believe that the hack could be state-backed given its scale and implementation. According to one of the security research firms that first discovered the hack, the targets of the attacks seem to be the carriers' call records.
These types of data contain information such as telephone numbers, call times, dates, and locations based on cell site signals. Fortunately, the compromised data does not contain the actual audio contents of the calls. However, delivered to the right hands, the hacked call records are still highly valuable.
Some carriers who have not yet implemented the appropriate security upgrades and measures can reportedly be hacked in real time. This means that hackers will have access to live calls being made. Security research firm Cybereason explained that the depth of the penetration they discovered means that the hackers can essentially shut down the networks if they wanted to.
Cybereason believes that the hacks may be targeting high-ranking government and military officials. With the data they acquired, these hackers can apparently track down the movements and communications of their intended targets.
The origins of the attacks can reportedly be traced as far back as 2012, which means that the group that perpetrated the hack has had access to call records the entire time.
According to a report from Cybereason, the attacks have been discovered in at least 10 major telecommunications providers in Europe, Asia, Africa, and the Middle East.
The cybersecurity firm has reason to believe that carriers in North America have not been affected. The names of the companies affected by the hack have not yet been disclosed.
The hacks were reportedly made on exposed servers and systems that were not upgraded to cover older vulnerabilities. Hackers penetrated the networks and created administrative accounts in order to bypass any security measures. The sophistication of the attacks led some experts to believe that it could be nationally-backed.
The techniques used are very similar to the ones used by APT10, the notorious Chinese hacking group that was exposed last year. However, most experts believe that the attack may have been done by a separate group given that ATP10's tools and methods were recently made publicly available. An additional clue that exonerates ATP10 is the fact that no US providers were affected by the hack.
