Chinese Cyber Espionage Group Steals SMS Messages via Telco Networks
APT41’s new campaign is latest to highlight trend by Chinese threat groups to attack upstream service providers as a way to reach its intended targets, FireEye says.
From Richard Henderson, Head of Global Threat Intelligence, Lastline.:
We shouldn’t expect these recent revelations to change much, if at all, in respect to current relations between the West and China. Ever since the China-US agreement in 2015 where a pledge was made to stop these sorts of attacks, it was obvious that China never intended to honor that agreement. With China-US relations at a difficult point with their faltering trade negotiations, it’s unlikely these incidents will play much of a role in shifting opinion either way.
The best advice I can offer is for Western government agencies with substantial cyber security skills to start lending their intelligence to organizations that are being targeted by unfriendly nation state groups. It’s unlikely that will happen, of course: the chances of our friendly agencies divulging sources and methods to companies is of substantially less value than quietly monitoring what our nation-state adversaries are up to. With that being said, it’s going to be up to organizations to accept that no matter how low value they may feel they are to nation state groups, it’s highly likely they do have information or intellectual property of value to another country. Even if it’s being used as a pivot to other targets.
What this really means for organizations is that they are going to have to spend time and resources on adding detective controls inside their environments, and not just focusing their security efforts on the preventative. Nation state groups are persistent by their very nature, and they will eventually worm their way inside your environment and attempt to deploy their tools to succeed in their mission.
Sadly, there’s not much that can be done on the end-user side. For those users who wish to communicate about things that might get the attention of a nation state, or who may believe themselves in their crosshairs, traditional espionage tradecraft rules apply: agree upon an end-to-end encrypted messaging platform like Signal, and use codes to refer to people or subjects you think may get attention.