China-linked hacking group accessing calling records worldwide, CrowdStrike says




  • In World
  • 2021-10-19 11:05:12Z
  • By Reuters

By Joseph Menn

SAN FRANCISCO (Reuters) - A hacking group with suspected ties to China burrowed into mobile telephone networks around the world and used specialized tools to grab calling records and text messages from telecommunication carriers, a U.S. cybersecurity company said on Tuesday.

CrowdStrike said the group, which it dubbed LightBasin, had been active since at least 2016, but had more recently been detected wielding tools that are among the most sophisticated yet discovered.

Telecoms companies have long been a top target for nation-states, with attacks or attempts seen from China, Russia, Iran, and others. The United States also seeks access to calling records, which show which numbers called each other, how often and for how long.

CrowdStrike Senior Vice President Adam Meyers said his company gleaned the information by responding to incidents in multiple countries, which he declined to name. The company on Tuesday published technical details to let other companies check for similar attacks.

Meyers said the programs could retrieve specific data unobtrusively. "I've never seen this degree of purpose-built tools," he told Reuters.

Meyers said his team was not accusing the Chinese government of directing the attacks by the hacking group. But he said the attacks had connections to China, including cryptography relying on Pinyin phonetic versions of Chinese-language characters, as well as techniques that echoed previous attacks by the Chinese government.

The Chinese embassy in Washington did not respond to questions from Reuters.

Asked for comment, the U.S. Cybersecurity and Infrastructure Security Agency said it was aware of the CrowdStrike report and would continue to work closely with U.S. carriers.

"This report reflects the ongoing cybersecurity risks facing organizations large and small and the need to take concerted action," an official said through a spokesperson.

"Common sense steps include implementing multifactor authentication, patching, updating software, deploying threat detection capabilities, and maintaining an incident response plan."

The findings underscore the vulnerability of major networks providing the backbone for communications and help explain the increasing demand for strong, end-to-end encryption that the networks - and anyone with access to those networks - cannot decipher.

(Reporting by Joseph Menn; editing by Richard Pullin)
