Ionut Arghire
All four major telecommunications providers in Singapore were targeted last year by a Chinese APT, according to Singapore’s cybersecurity agency CSA and its development agency IMDA.
The attack, initially disclosed in July, was attributed to UNC3886, a cyberespionage group active since at least 2021, which is known for targeting vulnerabilities in Ivanti, Juniper, and VMware products.
“UNC3886 launched a deliberate, targeted, and well-planned campaign against Singapore’s telecommunications sector. All four of Singapore’s major telecommunications operators – M1, SIMBA Telecom, Singtel and StarHub – have been the target of attacks,” CSA says.
As part of the campaign, the agency notes, the APT deployed advanced tools, including a zero-day exploit in a firewall, to access a telco’s network and obtain a small amount of technical data.
UNC3886 was also seen deploying rootkits to evade detection and maintain persistent access to the compromised environments.
No comments:
Post a Comment