Singtel targeted by Chinese hackers in “test run” for attacks on US targets


  • Anonymous tipsters say Singtel was breached in June 2024
  • The group behind the attack is Volt Typhoon, a known state-sponsored actor
  • Assault was reportedly a test run before attacks on telecoms in the US

Infamous Chinese cyber-espionage threat actor Volt Typhoon, allegedly tied to the country’s government, breached Singtel last summer.

A report on Bloomberg, citing “two people familiar with the matter”, claims hackers used a webshell to breach Singtel, which commented on the breach, but did not outright confirm it.

“We understand the importance of network resilience, especially because we are a key infrastructure service provider,” Singtel said in a statement. “That’s why we adopt industry best practices and work with industry-leading security partners to continuously monitor and promptly address the threats that we face on a daily basis. We also regularly review and enhance our cybersecurity capabilities and defenses to protect our critical assets from evolving threats.”

Practicing on Singtel

The anonymous tipsters also revealed Volt Typhoon wasn’t really that interested in Singtel’s intel, but rather used it as practice grounds, a stepping stone to its actual goal. Apparently, the breach was “a test run by China for further hacks against US telecommunications companies.”

In early February 2024, US security agencies (CISA, NSA, FBI, and others) warned Volt Typhoon had lurked on the networks of critical US infrastructure firms for years thanks to living off the land (LOTL) and using stolen accounts.

“In fact, the U.S. authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” the statement said.

At the same time, the Chinese government denied all allegations, and at one point even said the group was a CIA asset. In October 2024, the country published a new paper claiming Volt Typhoon was a US asset, basing its conclusions on, “more than 50 cybersecurity experts” who weren’t named.

Headquartered in Singapore, Singtel is considered one of Asia’s biggest telecommunications providers. It offers a broad range of services, including mobile, broadband, and fixed-line services, not just in Singapore, but across the Asia-Pacific region.

Via The Register

You might also like


Source

Anonymous tipsters say Singtel was breached in June 2024 The group behind the attack is Volt Typhoon, a known state-sponsored actor Assault was reportedly a test run before attacks on telecoms in the US Infamous Chinese cyber-espionage threat actor Volt Typhoon, allegedly tied to the country’s government, breached Singtel last…

Leave a Reply

Your email address will not be published. Required fields are marked *