Singtel targeted by Chinese hackers in "test run" for attacks on US targets
One of APAC's biggest telcoms providers used as a playground for Chinese threat actors
- Anonymous tipsters say Singtel was breached in June 2024
- The group behind the attack is Volt Typhoon, a known state-sponsored actor
- Assault was reportedly a test run before attacks on telecoms in the US
Infamous Chinese cyber-espionage threat actor Volt Typhoon, allegedly tied to the country’s government, breached Singtel last summer.
A report on Bloomberg, citing “two people familiar with the matter”, claims hackers used a webshell to breach Singtel, which commented on the breach, but did not outright confirm it.
"We understand the importance of network resilience, especially because we are a key infrastructure service provider,” Singtel said in a statement. “That's why we adopt industry best practices and work with industry-leading security partners to continuously monitor and promptly address the threats that we face on a daily basis. We also regularly review and enhance our cybersecurity capabilities and defenses to protect our critical assets from evolving threats."
Practicing on Singtel
The anonymous tipsters also revealed Volt Typhoon wasn’t really that interested in Singtel’s intel, but rather used it as practice grounds, a stepping stone to its actual goal. Apparently, the breach was “a test run by China for further hacks against US telecommunications companies.”
In early February 2024, US security agencies (CISA, NSA, FBI, and others) warned Volt Typhoon had lurked on the networks of critical US infrastructure firms for years thanks to living off the land (LOTL) and using stolen accounts.
"In fact, the U.S. authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years," the statement said.
At the same time, the Chinese government denied all allegations, and at one point even said the group was a CIA asset. In October 2024, the country published a new paper claiming Volt Typhoon was a US asset, basing its conclusions on, “more than 50 cybersecurity experts” who weren’t named.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Headquartered in Singapore, Singtel is considered one of Asia’s biggest telecommunications providers. It offers a broad range of services, including mobile, broadband, and fixed-line services, not just in Singapore, but across the Asia-Pacific region.
Via The Register
You might also like
- Hackers target DocuSign with new phishing threat — watch out, you could be signing your data away
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.