Chinese hackers targeted telecoms firms in Southeast Asia, report says

Name: US, Britain and EU accuse China of sponsoring massive Microsoft email server hack
Uploaded: 2021-08-03T13:30:06.000Z
Duration: 2 min 44 s
Description: US, Britain and EU accuse China of sponsoring massive Microsoft email server hack

US-based security company Cybereason says it has identified three clusters of intrusions into the industry since at least 2017

The attacks have links to actors ‘suspected to be operating on behalf of Chinese state interests’

2-MIN READ2-MIN

Cybereason said the attacks were likely meant to facilitate espionage efforts against specific targets “of interest to the Chinese government”. Photo: Reuters

Sarah Zheng

Published: 9:30pm, 3 Aug 2021Updated: 9:58pm, 3 Aug 2021

Chinese cyberespionage groups have been targeting major telecoms providers across Southeast Asia, according to a new report, following accusations from the US and other countries that China hacked into Microsoft Exchange email servers.

Boston-based security firm Cybereason said in a report on Tuesday that it had identified three clusters of intrusions into the region’s telecoms industry since at least 2017, with links to threat actors that were “suspected to be operating on behalf of Chinese state interests”.

The firm said it had proactively sought out threat actors after the US, Britain, European Union and others blamed China for sponsoring the massive Microsoft hack discovered earlier this year that compromised tens of thousands of computers and networks.

The latest hacking allegations come after the US in mid-July vowed to work with its allies against China’s “destabilising behaviour in cyberspace”, including the exposure of internal communications in Microsoft Exchange software by Chinese-based hackers known as Hafnium.

Beijing rejected the cyberattack claims, saying Washington had “ganged up with its allies to make groundless accusations”, and called on the US and its allies to “stop cybertheft and attacks targeting China”. The foreign ministry said Beijing opposed all forms of cyberattack, and that the US accusations lacked complete evidence in linking the hacking to the Chinese government.

02:44

US, Britain and EU accuse China of sponsoring massive Microsoft email server hack

In its report on Tuesday, Cybereason said it had found three clusters of intrusions, the first connected to Soft Cell – a group it said was highly likely to be “operating in the interests of China”. The second involved Naikon APT, a cyberespionage group that has been linked to the People’s Liberation Army and was mainly found to have targeted countries in the Association of Southeast Asian Nations. The third cluster was a back-door in Microsoft’s Outlook Web Access with “significant code similarities” to a previous back-door operation attributed to the China-based threat actor known as Group-3390.