Tag Archive for: telcos

Ukrainian Telcos Targeted by Suspected Sandworm Hackers


Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime

Attackers’ MO: Data Exfiltration, Followed by Network and Hardware Disruption

Russian hackers are targeting Ukrainian government agencies and critical infrastructure with a barrage of “destructive” malware designed to wipe or destroy IT systems, Kyiv cyber defenders said.

Between May and September, at least 11 Ukrainian telecommunications firms detected hacks that, in some cases, disrupted service, Ukraine’s Computer Emergency Response Team, CERT-UA, reported Monday.

Ukraine gave the codename UAC-0165 to the threat actor behind the attacks and said it has moderate confidence that the attacks are being perpetrated by the Sandworm hacking team, which has pummeled Ukraine with cyberattacks for more than half a decade. Western intelligence says that Sandworm – aka Seashell Blizzard, TeleBots and Voodoo Bear – is run by Russia’s GRU military intelligence agency.


In January, Ukraine’s top information protection agency warned that Russia continues to use data stealers and wiper malware for destruction and cyberespionage as it continues its war of aggression. The State Service of Special Communications and Information Protection of Ukraine reported that the sectors being most targeted are energy, security and defense, telecommunications, technology and development, finance, and logistics.


The SSSCIP recently said Moscow appeared to be stepping up its destructive attacks, especially against the energy sector,…

Source…

Telcos, banks, data centres urged to explore use of quantum security at new centre


SINGAPORE – Hackers armed with quantum computers may soon trump virtual private networks, decode passwords and break other traditional encryption software that forms the basis of today’s Internet security.

And the adoption of new cyber-security software to fend off hackers who could soon wreak havoc with quantum technology is not catching on quickly enough.

A newly launched experience centre, dubbed the Quantum Networks Experience Centre, at research and development hub one-north hopes to bridge the gap.

It was launched last week by National University of Singapore’s quantum security systems spin-off SpeQtral in partnership with Japanese firm Toshiba. The centre aims to promote the adoption of quantum-secure systems in the region.

It is hoped that national agencies and private enterprises such as telcos, banks and data centres can explore commercial uses for the technology.

The effort is backed by the National Research Foundation, Temasek and national institutions such as Enterprise Singapore and the Economic Development Board.

Standard encryption, which is based on mathematical codes, has become all too familiar to hackers who can decrypt it to access sensitive secrets or cripple networks.

Quantum cryptography, on the other hand, harnesses the quantum properties of light particles to create a seemingly unbreakable cryptographic algorithm to secure satellite or fibre broadband communications.

In the wrong hands, quantum technology can unravel the Internet, as it can potentially crack current encryption algorithms exponentially faster than even the best of non-quantum machines.

National institutions have recognised the promise and potential threat of the nascent technology and doubled down on investments in the field. The authorities and cyber-security providers have also urged businesses to heed these early warnings.

SpeQtral chief executive Lum Chune Yang said: “In terms of general knowledge about quantum communications, it is nowhere near what it needs to be… Any institution that handles high-value data or a high volume of data should take note.”

He added: “We are entrusting government agencies, banks and cloud providers with all our data, so those…

Source…

Following Optus Hack, Another Data Breach for Australia’s Biggest Telcos as Telstra Exposes Employee Data


Just two weeks after Australia’s second-largest telecoms company was hacked, the largest in the market has suffered a data breach. The Telstra breach appears to be relatively minor as compared to the Optus hack, however, as the company reports only a “small amount” of employee data was exposed.

Source of Telstra data breach still unknown, 30K employee files impacted

While the Telstra data breach is considered “relatively” minor given the size of the company, it nevertheless included a substantial amount of records; the company says that some 30,000 employee files dating back to 2017 were exposed. However, the information in each was apparently extremely basic with just names and email addresses contained in most of the breached files.

If that assessment holds up, it compares quite favorably to the Optus hack, which exposed the customer records of millions of Australians, including driver’s license and passport numbers. The hacker sought profit from the attack, pledging to publicly release the customer records of 10,000 people per day until they received $1 million in ransom. A 19-year-old Sydney man was arrested on October 5 after texting 93 of the victims demanding an individual $2,000 ransom from each, but police say that the man is likely not the breach perpetrator and simply made use of data that the attacker had already made public.

Telstra says that no customers were impacted by the more recent data breach, only current and former employees who were with the company over roughly the past five years. There is also not much detail as yet about how the data breach happened, in contrast to the quick assignment of blame by the Australian government in the case of the Optus hack. That breach is suspected to have originated from an unprotected API that was mistakenly exposed to the internet. Telstra said only that the data breach was at a “third party provider” and did not involve its internal systems, and that a little under half of the exposed records belonged to current employees.

There is no concrete connection between the two data breaches as of yet, but the Telstra attacker took to the same underground forum that the Optus hacker used to attempt to peddle their…

Source…

How NZ’s top 3 telcos are protecting Kiwis from cyber threats


Ahead of Cyber Smart Week and following the cyber attack on Australian telecommunications company Optus, 1News checked in with three major players in the New Zealand market to see how Kiwis are being protected from cyber crime.

The computer hacker who stole the personal data of almost 10 million customers of a telecommunications company in one of Australia’s worst privacy breaches used techniques to conceal their identity, actions and whereabouts, police said on Friday.

But Optus maintains it was the target of a sophisticated cyber attack that penetrated several layers of security.

1News spoke to telecommunications companies, Spark, Vodafone and 2degrees about their security measures and how they help keep their customers’ data safe.

Vodafone/One NZ

Sam Sinnott, spokesperson from Vodafone, said it’s aware of the cyber attack on Optus, “and like all large companies, we take our responsibilities around cyber security extremely seriously”.

“Due to the sensitive nature of this topic, we can’t share more detail with you, however we regularly test and review our cyber security defences, including the technology, processes, and training that we have in place to keep our customers, systems, and employees secure.

“We can also share that DEFEND is an award-winning company themselves and their expertise is invaluable to New Zealand businesses. DEFEND offers a range of threat protection services as well as incident response and security management and has won multiple awards including Microsoft’s New Zealand partner of the year for 2022,” Sinnott said.

At an announcement about the company’s rebrand to One NZ last week, chief executive Jason Paris said Vodafone has a 24/7 manned cyber defence centre.

He said every business customer will have the opportunity to upgrade to Microsoft’s premium security offering as Vodafone becomes One NZ.

“Given what’s happening recently in Australia – the security breaches and the constant attacks that New Zealanders don’t see but we defend every single day – it’s a great thing for New Zealand businesses,” Paris said.

Paris said the company has a range of world-leading technology solutions that makes sure “we are sensing in real-time all of…

Source…