Security vendor CrowdStrike claims it's spotted the group and that it "Has been consistently targeting the telecommunications sector at a global scale since at least 2016 to retrieve highly specific information from mobile communication infrastructure, such as subscriber information and call metadata." The gang appears to understand telco operations well enough to surf the carrier-to-carrier links that enable mobile roaming, across borders and between carriers, to spread its payloads. "Whatever the group is called, the pair write that it"employs significant operational security measures, primarily establishing implants across Linux and Solaris servers, with a particular focus on specific telecommunications systems, and only interacting with Windows systems as needed.
"The Harvester group uses both custom malware and publicly available tools in its attacks, which began in June 2021, with the most recent activity seen in October 2021. Sectors targeted include telecommunications, government, and information technology," Symantec researchers said. "The capabilities of the tools, their custom development, and the victims targeted, all suggest that Harvester is a nation-state-backed actor."
"We solve something that had previously been thought impossible - achieving location privacy in mobile networks," said Paul Schmitt, an associate research scholar at the Center for Information Technology Policy at Princeton University, told The Register. In "Pretty Good Phone Privacy," [PDF] a paper scheduled to be presented on Thursday at the Usenix Security Symposium, Schmitt and Barath Raghavan, assistant professor of computer science at the University of Southern California, describe a way to re-engineer the mobile network software stack so that it doesn't betray the location of mobile network customers.
Researchers have discovered three separate Chinese military affiliated advanced threat groups simultaneously targeting and compromising the same Southeast Asian telcos. The attack groups concerned are Soft Cell, Naikon, and a third group, possibly Emissary Panda.
Parallel Wireless is been selected by Axiata Group Berhad as a strategic partner providing O-RAN networks for the group's digital telcos across Southeast Asia and South Asia, enabling both 2G and 4G broadband connectivity. Headquartered in Malaysia, Axiata is one of the leading Mobile Network Operators in Asia operating digital telcos, digital businesses and infrastructure with a vision to be the Next Generation Digital Champion by 2024.
Security vendor McAfee has detected an attack it believes was likely aimed at telecoms companies in the hope of stealing information related to 5G networks. McAfee has named the attack "Operation Diànxùn" and says it resembles past attacks perpetrated by groups named RedDelta and Mustang Panda.
Chinese-language APTs are targeting telecom companies in cyberespionage campaigns aimed at stealing sensitive data and trade secrets tied to 5G technology, according to researchers. "While the initial vector for the infection is not entirely clear. [We believe] with a medium level of confidence that victims were lured to a domain under control [a] the threat actor, from which they were infected with malware," according to McAfee researchers in a Tuesday report.
Volatile Cedar, an advanced hacker group believed to be connected to the Lebanese Hezbollah Cyber Unit, has been silently attacking companies around the world in espionage operations. Using common web shell utilities as the main hacking tool and rarely relying on other tools, which hindered attribution.
Britain's Telecommunications Security Bill will allow anyone to sue their telco if they suffer "Loss or damage" as a result of a system breach - but only if they get Ofcom's permission. Buried in the details away from the China-bashing stuff is a potentially heavy stick to be wielded by telco regulator Ofcom, pitting baying crowds against telecoms operators.
Using the HPE 5G Lab, telcos can speed up 5G adoption and access new revenues faster by getting hands-on experience with the latest 5G innovations in a live test environment. Already this year, HPE has introduced HPE 5G Core Stack, an open, cloud-native 5G core network software stack; the HPE Resource Aggregator for Open Distributed Infrastructure Management, simplifying the management of telco grade compute infrastructure for 5G across thousands of sites; and HPE Edge Orchestrator, enabling telcos to deliver new edge computing services to customers at the edge of telco networks.