An American Israeli cyber security company said on Tuesday that it had revealed a massive hack of several global telecommunications companies that involved the theft of large amounts of personal data apparently performed by state-sponsored operators in China.
Based in Boston, Cybereason has offices in Tel Aviv, London and Tokyo, saying the hacking included the specific focus of government, law enforcement, and politics people.
The company said in a statement that it had found a "nation-supported operation against several cellular providers that have been going on for several years."
"The tools and TTPs (tactics, techniques, and procedures) involved in this operation indicate that the state attacks may be from China," the company said, double the "Operation Soft Cell" survey.
Hackers engaged in "espionage and theft of theft that target specific individuals on different continents that are likely to work in government, law enforcement and politics," Cybereason said.
"The ongoing active nine-month survey shows how opponents in the national state, likely sponsored by the Chinese government, have taken over IT networks from many mobile providers, resulting in the theft of hundreds of gigabytes of data," the statement said.
Hackers "completely took over the IT network and was able to adapt the IT infrastructure" to pull out "complete active directory databases, which compromises every username and password in those organizations."
"In addition, other personal identifiable information such as billing data, call configuration data, credentials, email servers have been stolen," the company said.
Cybereason did not release a list of the companies it believes were targeting the hack.
"The operation against telecommunications companies is on a large scale," says Lior Div, Cybereasons CEO and co-founder. "This is not a smash and seize campaign to steal money or social charges."
"These hackers have very specific motives and have a very targeted operative operation to own the networks and track a highly targeted list of individuals on different continents," Div continued, a veteran of the Israeli army's elite 8200 cyber unit.
"This is not a crime, but a series of sophisticated and targeted violations," said Amit Serper, senior manager of security research at Cybereason. "Hackers have stolen hundreds of gigabytes of information and have access to geolocation information about individuals, know their exact movements day and night. If the people travel abroad, the hackers know it. If the person visits a concert, the hackers know it and they can use this information for to identify an appropriate time in operation and campaigns they perform. "
Western nations, and especially the United States and the United Kingdom, have accused China of major hacking operations aimed at judging large amounts of data, including business secrets and scientific information, as well as private details of citizens.
In December, US authorities accused two alleged Chinese hackers saying they had acted on behalf of the Beijing headquarters agency to steal trade secrets and other information from government and one who is from large US corporations and nearly a dozen other nations. Targeted nations called the United States accusation include Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland and the United Arab Emirates.
The development coincided with a United Kingdom announcement blaming China's State Security Ministry for Trade Secret Pilfering for Western nations.
The UK Foreign Ministry then accused Chinese elite ministers of carrying out a "widespread and significant" campaign for cyber espionage against the United Kingdom and its allies.