U.S.-Israeli cyber security firm Cybereason has been investigating these hacking attacks by Chinese hackers for the last 9 months.
On Tuesday, researchers from cyber security company Cybereason stated that Chinese hackers have broken into the systems of more than a dozen global telecoms companies and have stolen large amounts of personal and corporate data.
According to investigators at the U.S.-Israeli cyber security firm, the attackers had compromised companies in more than 30 countries; the aim of the attack was to gather information on individuals in politics, government, and law enforcement.
The attackers used tools linked to other attacks that have been attributed to Beijing by the United States and its Western allies, said Lior Div, chief executive of Cybereason.
“For this level of sophistication it’s not a criminal group. It is a government that has capabilities that can do this kind of attack,” said Div.
China has denied involvement in any hacking activity.
Although Cybereason declined to name the affected companies or the countries they operate in, a source familiar with Chinese hacking operations stated that Beijing was increasingly targeting telcos in Western Europe.
Many countries across the globe, especially those in the West, have pointed out that Beijing has targeted and compromised data of private and public companies as well as those of government agencies around the world; data that has been stolen includes valuable commercial secrets as well as personal data.
In their latest hacking campaigns, hackers operating from China have managed to compromise the internal IT networks of some of the companies they have targeted; the hackers have been able to customize the infrastructure and steal vast amounts of data.
In some instances, hackers have managed to compromise a target’s entire Active Directory, thus allowing them access to every username and password in the organization.
“They built a perfect espionage environment,” said Div, a former commander in Israel’s military intelligence unit 8200. “They could grab information as they please on the targets that they are interested in.”
Cybereason stated that the hackers used multiple tools that have previously been used by a Chinese hacking group known as APT10.
In previous attacks, Cybereason was unsure of the country of origin of the attacks. “This time as opposed to in the past we are sure enough to say that the attack originated in China,” said Cybereason. “We managed to find not just one piece of software, we managed to find more than five different tools that this specific group used.”