Large-scale acts of cybercrime are not only difficult to trace; it is also pretty much impossible to bring the perpetrators to justice. For the most part, such acts are so covert that they go completely unnoticed. However, a cybersecurity firm has recently uncovered an immense hacking campaign involving the theft of call records from more than 10 cell networks for almost a decade.
According to the first report on the occurrence, a group of hackers has been involved in a “massive-scale” act of espionage against at least 20 individuals in which call records have been stolen from over 10 cell providers all over the world. Dubbed “Operation Softcell”, this campaign was discovered by Cybereason, a security research firm, which firmly believes that, given the complexity of the attack, it is funded and backed by a government.
The attacks have apparently been going on for a period of seven years, with the hackers’ main target being “call detail records”. Such records contain detailed metadata on every call that has ever been made from an individual cell phone, including times, dates and the device’s location. While this is less dramatic than acquiring the actual content of those calls, the value of this information is still immense.
For one, this metadata will allow the hackers to infiltrate the network and compromise caller data in real time, without the carrier having any knowledge whatsoever. Worryingly enough, Cybereason believes that the hackers have already penetrated deep enough into the network to be able to “shut down the network tomorrow”. It appears that the group’s main victims will be high-profile government and military officials.
At least 10 cell providers have been targeted across Europe, Asia, Africa and the Middle East so far. According to Cybereason, the hackers initially gained access to the network by discovering an exposed server, then created privileged accounts so that they could continue to access it later.
So do we have any clues about the affiliations of these hackers? Interestingly enough, Cybereason believes that not only is this attack state-backed, but the techniques employed so far also match those of APT10, an infamous Chinese hacking group that was responsible for stealing data from NASA, IBM and other American organizations last year.
Although there is no definitive proof to back up this belief, this incident is only going to worsen the prevailing US-China relations and escalate the tension between the two countries. And of course, once Chinese involvement is confirmed, the US will definitely retaliate.