So what if the entire history of you was under scrutiny?
For many, maybe most of us, no big deal. On the other hand, that late-night call to an old flame just before you got married might be embarrassing to have surface. But what if it’s way worse? What if someone could reconstruct every place you were, every person you’ve talked to.
Boston-based Cybereason, a cyber security firm with Israel Defense Forces roots, told TechCrunch of a massive spying hack that stole call records from more than 10 global cell network providers, going back seven years. The hack appears to have targeted at least 20 specific individuals.
Who were the targets? Government officials? Corporate bigwigs?
We don’t know. But Cybereason says the data can be used to track the date, time and location of the calls.
This isn’t small potatoes: The NSA has collected this information for a long time, over the vehement protests of privacy advocates. If the NSA wants it, and the hackers want it, there must be significant value in this capability, right?
Cybereason told TechCrunch they became aware of these hacks a year ago, and have tracked the hacks to learn that it’s been an ongoing operation. Which means the hackers are following specific people. Why?
“You could see straight away that they know what they’re after,” Amit Serper, head of security research at Cybereason, told TechCrunch.
Cybereason said they weren’t going to name the affected providers, but said many were sizable, and that it didn’t find evidence that North American providers had been infiltrated.
The company also didn’t notify the targeted individuals.
Cybereason thinks a hack this sophisticated is very likely the work of a nation-state.
Perhaps you’ve seen or heard of squabbles over a Chinese telecom firm and smartphone provider called Huawei. It’s currently at the center of a raging battle with the U.S. government, which has put severe restrictions on the use of Huawei products and services, citing fears the company is in cahoots with the Chinese government and is essentially a tool for spying. U.S. companies are being blocked from using Huawei computer chips, software and other components without government approval.
Cybereason characterized the hacks as “textbook APT 10” — a hacker group believed to be backed by China.
While the Russia/WikiLeaks accusations have raged, the Trump Administration has warned of possible threats from China. Whoever is behind these acts, the U.S. needs to get to the bottom of it, and continue to apply pressure on foreign entities who seek to undermine us.