\n<\/p>\n
Singapore\u2019s government has blamed a known Chinese cyber-espionage group for targeting four of its top telecommunication companies as part of a months-long attack.<\/p>\n
In a statement Monday<\/a>, Singapore confirmed for the first time that the hackers, known as UNC3886, targeted the country\u2019s telecoms infrastructure, including its largest companies: Singtel, StarHub, M1, and Simba Telecom. The government previously said that it was responding to an unspecified attack on its critical infrastructure.<\/p>\n While the intruders were able to breach and access some systems, they did not disrupt services or access personal information, said K. Shanmugam, the country\u2019s coordinating minister for national security.<\/p>\n Google-owned cybersecurity unit Mandiant previously linked<\/a> UNC3886 as an espionage group likely working on behalf of China. The Chinese government is known to conduct regular cyber-espionage operations, as well as prepositioning for disruptive attacks<\/a> ahead of an anticipated invasion of Taiwan, which Beijing has routinely denied, per Reuters<\/a>.<\/p>\n UNC3886 is known for exploiting zero-day vulnerabilities<\/a> in routers, firewalls, and virtualized environments, where cybersecurity tools that are designed to spot malware cannot typically reach. The hacking group has targeted the defense, technology, and telecom industries<\/a> across the U.S. and the Asia-Pacific region.<\/p>\n In the case of the attack on Singapore\u2019s top telcos, Shanmugam said the hackers used advanced tools, like rootkits, to gain long-term persistence to their systems.<\/p>\n \u201cIn one instance, they were able to gain limited access to critical systems but did not get far enough to have been able to disrupt services,\u201d according to the government\u2019s statement.<\/p>\n Per Reuters, the telcos said in a joint statement that the companies regularly face distributed denial-of-service and other malware attacks. \u201cWe adopt defence-in-depth mechanisms to protect our networks and conduct prompt remediation when any issues are detected,\u201d the statement read.<\/p>\n The attacks on Singapore\u2019s telcos follow similar but distinctly different attacks on hundreds of telecoms companies around the world in recent years, including in the United States<\/a>. Multiple governments have linked these attacks<\/a> to a China-backed group dubbed Salt Typhoon.<\/p>\n Singapore said the attack carried out by UNC3886 has \u201cnot resulted in the same extent of damage as cyberattacks elsewhere,\u201d referring to the Salt Typhoon hacks.\u00a0<\/p>\n<\/div>\n