Singapore says cyber espionage group targeted telco infrastructure

Singapore’s four telecom companies, Singtel, StarHub, M1 and Simba Telecom, were targeted by ⁠cyber espionage group UNC3886 in attacks last year, Singapore’s Cyber Security Agency said on Monday.

The agency said the hackers were able to penetrate ‌and gain access ‌to some parts of the telecom systems, but could not disrupt services and ‌did not access personal data.

“They also managed to exfiltrate a small amount of technical data; this is believed to be primarily network-related data to advance the threat actors’ operational objectives,” the agency said.

Google-owned cyber security firm Mandiant has described UNC3886 as a “China-nexus espionage group” that has ‌attacked defence, technology ‍and telecommunications organizations in the United States and ‍Asia.

Beijing routinely denies any allegations of cyber ‌espionage, and says it opposes all forms of cyberattacks and is in fact a victim of such threats.

The Chinese Embassy in Singapore did not immediately respond to a request for comment.

Monday’s statement was the first time the government has revealed the type of infrastructure that ‍UNC3886 targeted. Last July the government said it was responding to cyberattacks from the group targeting high-value ‍strategic assets.

In ⁠a joint ⁠statement, the four companies said that all telcos face cyber threats such as Distributed Denial-of-Service, malware, phishing as well as more sophisticated advanced and persistent threats.

“We adopt defence-in-depth mechanisms to protect our networks and conduct prompt remediation when any issues are detected,” they said, adding that they work with government agencies and industry experts to improve security and resilience.