Telecoms Targeted By Sophisticated Cyber Campaign

05 August 2019

Global telecommunication companies have been targeted by a cyber-attack that seeks to steal sensitive customer call records, according to US-based cyber security firm Cybereason.

The attack, dubbed “Operation Soft Cell”, has been active since at least 2012 and affected at least 10 telecom companies in multiple countries.

The hackers managed to infiltrate the deepest segments of the providers’ network, including some isolated internet segments, and compromise critical assets, according to Cybereason.

The attacks showed some signs of being carried out by a nation state. Although cyber criminals are generally motivated by financial gain, nation states are typically seeking intellectual property or sensitive information about their clients.

According to Cybereason, the hackers were attempting to steal call detail records, which includes usernames and passwords, as well as personally identifiable information, such as billing data, call detail records, credentials, emails, and the geo-location data of users.

The attacks were targeted and customised. The hackers worked in waves, abandoning attacks when detected, only to return months later with new tools and techniques. In one instance, Cybereason identified four attack waves over a period of six months.

The hackers used mostly known tools, customised for each attack.

Cybe Decoder Survey banner

The hackers mostly used known tools, customised for each attack, although some unknown tools were also used in the later stages of the attack to decrease the risk of exposure or attribution, according to Cybereason.

These tools were used in the later stages of the attack to decrease the risk of exposure or attribution, it said.

  • TALK TO AN EXPERT

  • DOWNLOAD AND SHARE

  • SIGN UP

  • Sarah StephensSarah Stephens

    As part of Marsh JLT Specialty's London-based Financial Lines Group, Sarah and her team work both directly with our clients and with network colleagues and independent partners to make sense of cyber, technology, and media E&O (PI) risks and create leading edge bespoke insurance solutions in the London market.


    Prior, Sarah spent 12 years with Aon in a variety of roles. Her last role at Aon was Head of Cyber & Commercial E&O for the Europe, Middle East, and Africa (EMEA) Region, working with colleagues across business groups and clients in the region to identify, analyse, and drive awareness of cyber risks, exposures, and both insurance and non-insurance solutions.


    Previously, Sarah spent seven years with Aon’s US Cyber and Errors & Omissions practice group thinking nonstop about cyber insurance way before it was cool. Her first four years at Aon were spent in the Account Management group working with large clients and developing a keen eye for excellent client service.



    For further information or to learn more about cyber insurance, contact Sarah Stephens, Head of Cyber, on +44 (0)20 8108 9541.

  • For more articles like this, download our Cyber Decoder

    Share this article

     
  • Get everything you need, delivered straight to your inbox.

    Sign up to receive our latest news and insights here.

DISCLAIMER

Services provided in the United Kingdom by Marsh JLT Specialty, a trading name of Marsh Ltd and JLT Specialty Limited (together “MMC”). Marsh Ltd is authorised and regulated by the Financial Conduct Authority for General Insurance Distribution and Credit Broking (Firm Reference No. 307511). JLT Specialty Ltd is a Lloyd’s Broker, authorised and regulated by the Financial Conduct Authority for General Insurance Distribution and Credit Broking (Firm Reference No. 310428).

This is not legal advice and is intended only to highlight general issues relating to its subject matter. Whilst every effort has been made to ensure the accuracy of the content of this document, no MMC entity accepts any responsibility for any error, or omission or deficiency. The information contained within this document may not be reproduced. If you are interested in utilising the services of MMC you may be required by/under your local regulatory regime to utilise the services of a local insurance intermediary in your territory to export insurance and (re)insurance to us unless you have an exemption and should take advice in this regard.