APT10 is at it again. According to a story in today’s Wall Street Journal (the New York Times missed the story), the Tianjin-based hacking group affiliated with China’s Ministry of State Security infiltrated the cellular networks of at least 10 global telecom carriers, stealing users’ whereabouts, text-messaging records and call logs. The article, by Timothy W. Martin and Eva Dou, is behind a reg wall, so allow me to summarize.
APT stands for Advanced Persistent Threat. APT10 was called out by U.S. authorities in December for a sustained attack on American cloud computing networks. They were inside the systems for four full years before the feds were able to stop it. I featured them prominently in my book, “The New Art of War: China’s Deep Strategy Inside the United States.” See it here.
Now we read that APT10 targeted 20 military officials, dissidents, spies and law enforcement individuals, all with some connection to China, by penetrating cellular networks across Asia, Europe, Africa and the Middle East, according to Cybereason Inc., a Boston-based cybersecurity firm. Cybereason apparently briefed global carriers in person. There is no written report.
“We never heard of this kind of mass-scale espionage ability to track any person across different countries,” the head of Cybereason, Lior Div, was quoted as saying.
The hacking campaign, which is continuing, was nicknamed “Operation Soft Cell.” It gave the hackers control of the carriers’ entire Active Directory, the central store of every user and machine account on the corporate network, an exposure of hundreds of millions of users. As they did in the cloud computing case disclosed in December, the hackers created high-privileged accounts that appeared to be legitimate and that allowed them to roam through the telecoms’ systems. Because those accounts were created through the carriers’ own administrative tools rather than dropped by malware, they blended in with genuine administrator accounts.
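As an added illustration, not taken from the Journal article, from this post or from Cybereason’s briefing, here is one way a defender can hunt for exactly that pattern in exported Windows Security event logs: an account is created (event ID 4720) and shortly afterwards added to a privileged group (event IDs 4728, 4732 or 4756). The event IDs and field names are Microsoft’s documented ones; the sample events, the list of privileged groups and the 24-hour window are constructed assumptions to be tuned per environment.

```python
"""Correlate account-creation events with privileged-group additions.

Added example, not part of the original post. The records below are
constructed Windows Security log events, flattened to dicts with the
EventData field names the log uses (TargetUserName, SubjectUserName,
MemberName). In 4728/4732/4756 the TargetUserName field is the GROUP
and MemberName is the distinguished name of the account being added.
"""
from datetime import datetime, timedelta

ACCOUNT_CREATED = 4720                 # "A user account was created"
GROUP_ADD_EVENTS = {4728, 4732, 4756}  # member added to global/local/universal security group

# Assumption: the groups that count as "high-privileged" in this environment.
PRIVILEGED_GROUPS = {
    "Domain Admins", "Enterprise Admins", "Administrators",
    "Schema Admins", "Account Operators",
}

# Constructed sample events (not real telemetry). Only the first pair should fire.
SAMPLE_EVENTS = [
    {"EventID": 4720, "TimeCreated": "2019-06-20T02:14:05",
     "SubjectUserName": "jdoe.admin", "TargetUserName": "svc-backup2"},
    {"EventID": 4728, "TimeCreated": "2019-06-20T02:16:30",
     "SubjectUserName": "jdoe.admin", "TargetUserName": "Domain Admins",
     "MemberName": "CN=svc-backup2,CN=Users,DC=telco,DC=example"},
    # Ordinary new hire: created, then placed in a non-privileged group.
    {"EventID": 4720, "TimeCreated": "2019-06-18T09:00:00",
     "SubjectUserName": "hr.provisioning", "TargetUserName": "newhire.amy"},
    {"EventID": 4728, "TimeCreated": "2019-06-18T09:00:12",
     "SubjectUserName": "hr.provisioning", "TargetUserName": "Domain Users",
     "MemberName": "CN=newhire.amy,CN=Users,DC=telco,DC=example"},
    # Long-standing account promoted: no 4720 in the window, so not this rule's business.
    {"EventID": 4728, "TimeCreated": "2019-06-20T10:00:00",
     "SubjectUserName": "itops.mgr", "TargetUserName": "Domain Admins",
     "MemberName": "CN=itops.lead,CN=Users,DC=telco,DC=example"},
    # Created weeks before being promoted: outside the default 24 h window.
    {"EventID": 4720, "TimeCreated": "2019-06-01T08:00:00",
     "SubjectUserName": "vendor.mgmt", "TargetUserName": "vendor.tmp"},
    {"EventID": 4732, "TimeCreated": "2019-06-20T08:00:00",
     "SubjectUserName": "vendor.mgmt", "TargetUserName": "Administrators",
     "MemberName": "CN=vendor.tmp,CN=Users,DC=telco,DC=example"},
]


def parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%S")


def member_from_dn(dn):
    """Pull the account name out of the first CN= component of a distinguished name."""
    for part in dn.split(","):
        part = part.strip()
        if part.upper().startswith("CN="):
            return part[3:]
    return dn


def find_fast_privilege_grants(events, window=timedelta(hours=24)):
    """Return one finding per account that was created and then added to a
    privileged group within `window`. Name-based filtering is useless against
    accounts crafted to look legitimate, so the signal here is purely temporal."""
    created = {}
    for e in events:
        if e["EventID"] == ACCOUNT_CREATED:
            created[e["TargetUserName"].lower()] = (parse_ts(e["TimeCreated"]),
                                                    e["SubjectUserName"])
    findings = []
    for e in sorted(events, key=lambda ev: ev["TimeCreated"]):
        if e["EventID"] not in GROUP_ADD_EVENTS or e["TargetUserName"] not in PRIVILEGED_GROUPS:
            continue
        member = member_from_dn(e["MemberName"]).lower()
        if member not in created:
            continue
        created_at, creator = created[member]
        elapsed = parse_ts(e["TimeCreated"]) - created_at
        if timedelta(0) <= elapsed <= window:
            findings.append({
                "account": member,
                "group": e["TargetUserName"],
                "created_by": creator,
                "added_by": e["SubjectUserName"],
                "seconds_after_creation": int(elapsed.total_seconds()),
            })
    return findings


if __name__ == "__main__":
    for f in find_fast_privilege_grants(SAMPLE_EVENTS):
        print(f"ALERT: {f['account']} added to {f['group']} by {f['added_by']} "
              f"{f['seconds_after_creation']} s after creation by {f['created_by']}")
```

Run against the constructed events, the rule fires once, on svc-backup2 landing in Domain Admins 145 seconds after creation; widening the window to 30 days also catches vendor.tmp. In a real estate, feed it the 4720/4728/4732/4756 events from every domain controller, since group changes are logged on whichever DC handled the write, and review the creator account as carefully as the created one: in the case described above it was the attacker who held the administrative credentials doing the creating.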
I have two primary take-away messages: First, China’s espionage capabilities have surged far beyond what we in the West thought they were capable of. Huawei’s 5G technology is part and parcel of this equation. And Chinese state-affiliated players have no respect for the sovereignty or integrity of any IT system in the world.
The second one is, as I say in my book, you cannot negotiate an end to practices such as this. We have to take responsibility for hardening all our IT systems in both the public and private sector. We have to ramp up our spending and we have to ramp up the number of people who are equipped with science and mathematical skills. The U.S. Navy recently complained that it was under “cyber siege” mostly from Chinese attackers. It turns out, we all are.