Suspected Chinese hackers hit as many as 13 phone companies since 2019, say experts

At least 13 phone companies around the world have been hijacked since 2019 by sophisticated hackers thought to be from China, according to a cybersecurity expert organisation. According to CrowdStrike, an organisation frequently referenced by intelligence organisations around the world, the roaming hackers, known as LightBasin, were able to "search and find" particular mobile phones and "target accordingly," The Guardian reported. Hackers were also able to gain personal subscriber information from phone providers, as well as metadata indicating who made and received calls.

"Sophisticated signals intelligence activity" directed at phone company networks has long been seen as a fundamental function of Western intelligence organisations such as the NSA in the US and the GCHQ in the United Kingdom. However, this is one of the first instances its existence by organisations linked to Beijing has been officially exposed in the West. The Guardian reported, LightBasin, according to CrowdStrike analysts, was a "Chinese state-sponsored" group gathering information "likely to be of major interest to intelligence entities."

Cyber-attacks from Chinese hackers at all-time high

The attribution was not conclusive, but Adam Meyers, a senior vice president at CrowdStrike, said there were indications that LightBasin was working in support of other well-established Chinese entities, who normally carry out a hacking activity under the supervision of Beijing. The Guardian reported citing Meyer, "the research group was able to uncover passwords used by the LightBasin cluster which were in Pinyin, romanised Chinese characters." According to Western experts, Chinese hacking is at an all-time high, defining it as a low-level kind of cyberwarfare that has typically focused on intellectual property but also includes basic espionage activity.

Concerns over China's influence in telecoms have also prompted some Western countries, including the United States, to ban Huawei from their phone networks - despite the company's insistence that it never authorises espionage on its customers. Last year, the United Kingdom said that Huawei equipment would be phased out of 5G phone networks beginning in 2027. Despite numerous attempts by the US and other Western governments to call it out, China has always denied any involvement in hacking. China's foreign ministry accused Washington of "ganging up with its allies" and engaged in "smear and suppression out of political motives" in July.

That denial came after the United States, the European Union, NATO, the United Kingdom, and four other countries accused Beijing in March of being behind large exploitation of weaknesses in Microsoft's widely used Exchange corporate server software. It impacted over 250,000 organisations globally, allowing hackers to steal corporate communications for espionage purposes.

(With inputs from agencies)

Image: Pixabay