Security researchers have found that hackers have infiltrated more than a dozen mobile carriers since 2012. James Martin/CNET Hackers have quietly infiltrated more than a dozen mobile carriers around the world, gaining complete control of networks behind the companies’ backs. The attackers have been using that access over the last seven years to steal sensitive data, but have so much control they could shut down communications at a moment’s notice, according to Cybereason, a security company based in Boston. On Tuesday, Cybereason said it’s been investigating the campaign, dubbed Operation Soft Cell, through which hackers targeted phone providers in Europe, Asia, Africa and the Middle East. The hackers infected multiple mobile carriers since 2012, gaining control and siphoning off hundreds of gigabytes of data on people. It constitutes a potentially massive breach — with more fallout still to come — as companies across different industries struggle with how to protect their customers’ data. The hackers also had highly privileged access to do more than steal information. “They have all the usernames and passwords, and created a bunch of domain privileges for themselves, with more than one user,” said Amit Serper, Cybereason’s head of security research. “They can do whatever they want. Since they have such access, they could shut down the network tomorrow if they wanted to.” Gigabytes of data theft Cyberattacks on infrastructure are a national security concern — hackers have found ways to shut down electrical power grids and access dams. The US Department of Homeland Security has created its own center for dealing with attacks on infrastructure, which it acknowledged as a frequent target for hackers. If an attacker shut down phone networks, it could cause massive disruption. Serper said he didn’t find any US mobile carriers that were affected, but the hacking campaign is ongoing and it’s possible that could change. Hackers have been quietly stealing gigabytes of call… Comments 2:44 Now playing: Watch this: 3:26 Share your voice Now playing: Watch this: Using that access, the hackers also created accounts for themselves with escalated privileges, essentially hiding among the company’s actual staff. Even if the companies take measures to close up their vulnerabilities, the hackers could remain in the network for years after the fix. Because the attack method was this sophisticated and targeted, Cybereason researchers believe the hackers were backed by a nation-state. All digital forensics signs point to China. The malware used, the method of attack and the servers the attacks are on are tied to APT10, China’s elite hacking group. A Chinese foreign ministry spokesperson said that China “firmly opposes” cyberattacks using the nation’s infrastructure, and denied involvement with the hacks.”Second, with the cyberspace being a highly virtual one filled with multiple actors whose behaviors are difficult to trace, one should present abundant evidence when investigating and determining the nature of a cyberspace activity,” the Chinese embassy said in an email. “Making groundless accusations are neither professional nor responsible.”But there’s no smoking gun tying China’s hackers to this campaign. Despite the attackers using Chinese malware and servers, it’s possible they’re attempting to frame APT10, researchers said. “Because the tools that we saw were leaked and are publicly available to anyone who’s looking to get those tools, it could be anyone who wants to look like APT10,” Levi said. What to do Cybereason said it’s reached out to all the affected mobile carriers, though it’s unclear what fixes they may have implemented to stop the intrusion. Levi recommended that all mobile carriers strictly monitor their internet-facing properties, especially servers. Mobile carriers should also look for accounts that have high-privilege access. Serper said the investigation is ongoing, and he continues to find more companies hacked by this group by the day. The hackers’ servers are still up and running, he noted. For people being tracked through this data theft, there’s almost nothing they can do to protect themselves from espionage, he noted. Victims wouldn’t even know that their call data records were being stolen from mobile carriers. “There is no residue on your phone. They know exactly where you are and who you’re talking to, and they didn’t install any piece of code on your phone,” Serper said. Originally published June 24. Update, June 25, 6:56 a.m. PT: Adds that US mobile carriers didn’t respond to requests for comment. At 9:02 a.m. PT: Notes that a US mobile carrier is taking precautions against the attacks. At 1:09 p.m. PT: Adds a response from the Chinese embassy. Samsung, LG, Motorola: How soon can we expect 5G phones? 10 13 Photos A person familiar with plans at one of the major US mobile carriers said the company is aware of the cyberattacks and is taking precautions against a potential breach.The hackers stole hundreds of gigabytes of call data records, which included sensitive information like real-time geolocation. Cybereason While they were able to disrupt network signals, the hackers were more focused on espionage than disruption, Cybereason found. After gaining access to mobile carriers’ internal servers, the hackers would have access to call data records on hundreds of millions of customers. That would provide information like geolocation data, call logs and text message records. While the hackers had access to the data of millions of people, they had stolen data from fewer than 100 targeted victims. The attackers likely targeted high-profile victims involved in government and the military, said Mor Levi, Cybereason’s vice president of security practices. That data could update in real time, as long as mobile carriers didn’t catch on that they’d been hacked. “Hacking a company that has mountains of data that is always updating is the holy grail for an intelligence agency,” Serper said. “It’s not just about gaining that access; it’s about maintaining it.” How the attacks happened Cybereason’s researchers found that the attackers gained access to more than a dozen mobile carriers by exploiting old vulnerabilities, like malware hidden in a Microsoft Word file or finding an exposed public server belonging to a given company. Once they slipped in, the malware then spreads by searching for all the computers on the same network and attempting to gain access by flooding them with login attempts. It continues to spread as long as the credentials work, until the hackers reach the caller data records database. Tags Biggest hacks of 2018 Mobile Security
A young man was hacked to death by miscreants at Kacharipara of Pabna municipality on Thursday evening, reports UNB. The deceased was Ariful Islam Sagar, 22, son of late Abdul Hamid of the area.Officer-in-charge of Sadar police station Abdur Razzaque said a group of miscreants chopped Ariful indiscriminately around 7:30pm, leaving him injured.He was taken to Pabna General Hospital where physicians declared him dead, the OC said.
US president Donald Trump. Photo: APUS President Donald Trump insisted Thursday that US forces would pull out of Syria “very soon” and lamented what he said was Washington’s waste of $7 trillion in Middle East wars.In a populist address to industrial workers in Ohio, Trump said US forces were close to securing all of the territory that the Islamic State jihadist group once claimed.”We’ll be coming out of Syria, like, very soon. Let the other people take care of it now,” he promised, to applause.Trump did not say who the others were who might take care of Syria, but Russia and Iran have sizable forces in the country to support President Bashar al-Assad’s regime.”Very soon — very soon we’re coming out. We’re going to have 100 per cent of the caliphate, as they call it — sometimes referred to as ‘land’ — taking it all back quickly, quickly,” he said.”But we’re going to be coming out of there real soon. Going to get back to our country, where we belong, where we want to be.”State Department spokeswoman Heather Nauert was later asked at a briefing if she was aware of any decision for the US to pull out of Syria.She responded, “I am not, no. No.”The United States has more than 2,000 military personnel in eastern Syria, working with local militia groups to defeat the Islamic State group while trying to keep out of Syria’s broader civil war.Trump’s eagerness to quit the conflict flies in the face of a new US Syria strategy announced in January by then secretary of state Rex Tillerson — who has since been sacked.Tillerson argued that US forces must remain engaged in Syria to prevent IS and Al-Qaeda from returning and to deny Iran a chance “to further strengthen its position in Syria.”In a speech at Stanford University, he also warned that “a total withdrawal of American personnel at this time would restore Assad and continue his brutal treatment against his own people.”But Tillerson has gone after being dismissed in a tweet. And Trump, who increasingly makes foreign policy announcements without seeking the advice of US generals or diplomats, wants out.”We spent $7 trillion in the Middle East. And you know what we have for it? Nothing,” Trump declared, promising to focus future US spending on building jobs and infrastructure at home.
Share Nicolas Henderson/FlickrTexas State Capitol in Austin.Texas is seeking permission from the federal government for the return of federal family planning money it lost four years ago. It lost those Medicaid funds after it excluded Planned Parenthood and other clinics affiliated with abortion providers from the state’s women’s health program. If President Trump’s administration agrees, Texas could serve as an example to other states wishing to defund Planned Parenthood clinics.In 2011, the Republican-dominated Texas legislature signaled its intention to end Planned Parenthood’s participation in what was then known as the Medicaid waiver program serving the state’s low-income women. Ninety percent of the program’s funding came from the federal government. But the Obama administration opposed Texas’ plan because Federal law requires states to fund “any willing provider.” This is to keep states from discriminating against health care providers for ideological, racial or religious reasons.Texas decided to forgo federal funding so it could exclude Planned Parenthood from the list of providers from which women could choose to get health care. Texas then created a state program, now known as Healthy Texas Women, and Planned Parenthood is not allowed to participate. The tens of millions of dollars in federal Medicaid funding that it lost each year was the price Texas had to pay for sticking to its guns.But now that Trump is calling the shots, Texas wants that federal money back — while still being allowed to bar Planned Parenthood. And Texas may well have a good chance. The president recently appointed anti-abortion proponents to oversee the nation’s family planning programs. If Texas is successful, abortion rights advocates worry that the state will pave the way for other Republican dominated states to set up similar exclusions, and not have to suffer the financial penalties Texas endured to boot.Carrie Williams, spokeswoman for the Texas Health and Human Services Commission told The New York Times, “This is a new administration and we’re looking at what funding opportunities may exist for us.”The prospect has health care advocates worried. Dr. Georges Benjamin is the executive director of the American Public Health Association. He says it’s already forbidden to use federal dollars to fund abortions, but if Texas gets its waiver, abortion rights proponents across the country would be supporting Texas’ program through their tax dollars.“I don’t want my federal dollars used for discriminatory practices,” Benjamin says. “You’re now forcing other states, and other people who may have a different view on this issue to pay for the discriminatory practices that the state of Texas is trying to have, which will ultimately result in poorer health outcome for women.”Benjamin says one of the main arguments for the Hyde Amendment, which prohibited federal funding for abortions in 1977, was that forcing anti-abortion proponents to fund abortion providers was an undemocratic violation of their deeply held religious beliefs. Providing Texas a waiver to receive federal Medicaid funds while excluding Planned Parenthood turns that argument on its head, he says. Abortion proponents across the country would have to see their tax dollars used to fund a Texas program that discriminates against abortion providers.In its waiver application, Texas made the case for increased federal funding by pointing out it has the highest rate of pregnancy in the nation, one of the highest teen pregnancy rates and that fully a third of the women who get pregnant in the state do so unintentionally.Copyright 2017 NPR. To see more, visit http://www.npr.org/. X Listen 00:00 /02:28 To embed this piece of audio in your site, please use this code: