

Chinese Hacked US Telecom a Year Before Known Wireless Breaches (bloomberg.com)
An anonymous reader quotes a report from Bloomberg: Corporate investigators found evidence that Chinese hackers broke into an American telecommunications company in the summer of 2023, indicating that Chinese attackers penetrated the US communications system earlier than publicly known. Investigators working for the telecommunications firm discovered last year that malware used by Chinese state-backed hacking groups was on the company's systems for seven months starting in the summer of 2023, according to two people familiar with the matter and a document seen by Bloomberg News. The document, an unclassified report sent to Western intelligence agencies, doesn't name the company where the malware was found and the people familiar with the matter declined to identify it.
The 2023 intrusion at an American telecommunications company, which hasn't been previously reported, came about a year before US government officials and cybersecurity companies said they began spotting clues that Chinese hackers had penetrated many of the country's largest phone and wireless firms. The US government has blamed the later breaches on a Chinese state-backed hacking group dubbed Salt Typhoon. It's unclear if the 2023 hack is related to that foreign espionage campaign and, if so, to what degree. Nonetheless, it raises questions about when Chinese intruders established a foothold in the American communications industry. "We've known for a long time that this infrastructure has been vulnerable and was likely subject to attack," said Marc Rogers, a cybersecurity and telecommunications expert. "What this shows us is that it was attacked, and that going as far back as 2023, the Chinese were compromising our telecom companies." Investigators linked the sophisticated rootkit malware Demodex to China's Ministry of State Security, noting it enabled deep, stealthy access to systems and remained undetected on a U.S. defense-linked company's network until early 2024.
A Chinese government spokesperson denied responsibility for cyberattacks and accused the U.S. and its allies of spreading disinformation and conducting cyber operations against China.
Err (Score:1)
Everyone has a price (Score:5, Insightful)
Yes but did they ... (Score:2)
Re: (Score:2)
Why would they? I would expect that spying on US senators is completely legal in China.
Exploiting 0 Day (or earlier) goes way back (Score:2, Interesting)
Especially on Windows, I've used 0 day exploits to take control of the machine, mainly for white hat purposes (sorry, college, more black hat then). One of my friends even got fired over white hat hacking and revealing security holes in the enterprise software we were developing and eventually whistleblowing when they tried security through obfuscation rather than fixing the problems. He sued and got like 6 million dollars.
On UNIX/Linux, it is mostly an admin problem. Setting up a web server that issues web
Winning the war of computer security? (Score:2)
Real winners fight harder. The losers just complain about the rules and refs.
The YOB is trying to remake America in his own image. A nation of whiners, not winners.
Me? I used to think we had better computer security experts than they did. Or maybe we did and chased all of them back to China? That could explain a lot of what's going on now...
Re: (Score:2)
Me? I used to think we had better computer security experts than they did. Or maybe we did and chased all of them back to China? That could explain a lot of what's going on now...
Computer security experts can only do so much when the mainstream OS and applications are cheapest possible crap.
Re: (Score:2)
Just put everything in the cloud! The cloud will solve all of your security and upgrade treadmill problems!
Kids, if you're listening: when the cloud breaks, it may not be your fault, but it will definitely still be your problem.
Re: (Score:1)