SINGAPORE: Singtel, Singapore’s largest mobile carrier, was breached by Chinese state-sponsored hackers this summer as part of a broader campaign against telecommunications companies and other critical infrastructure operators around the world, according to two people familiar with the matter.
The previously undisclosed breach was discovered in June and investigators believe it was pulled off by a hacking group known as Volt Typhoon, according to the two people, who asked not to be identified to discuss a confidential investigation.
Officials in the United States, Australia, Canada, Britain and New Zealand – the “Five Eyes” intelligence-sharing alliance – warned earlier in 2024 that Volt Typhoon was embedding itself inside compromised IT networks to give China the ability to conduct disruptive cyber attacks in the event of a military conflict with the West.
The breach of Singtel, a carrier with operations throughout South-East Asia and Australia, was seen as a test run by China for further hacks against US telecommunications companies, and information from the attack has provided clues about the expanding scope of suspected Chinese attacks against critical infrastructure abroad, including in the United States, the people said.
In a joint statement on Nov 5, the Cyber Security Agency of Singapore (CSA) and Infocomm Media Development Authority (IMDA) said they understood from Singtel that no service was affected, and no data loss was reported from the incident.
They added that in this case, early detection and mitigation measures were in place. “Based on current investigations, the threat has been dealt with and the overall telecommunications infrastructure remains secure and unaffected.
“CSA and IMDA will continue to work with organisations, especially key service providers including Singtel to strengthen the security and resilience of our digital infrastructure,” they said.
Singtel on Nov 5 said “there was a malware detected in June which was subsequently dealt with and reported to relevant authorities”, but added that the telco cannot confirm or ascertain if that was the exact same event reported by Bloomberg.
“We do not comment on speculation. Singtel conducts regular malware sweeps as part of its cyber posture,” it noted.
Spokesperson Liu Pengyu for the Chinese Embassy in Washington said he was not aware of the specifics as relayed by Bloomberg, but that in general, China firmly opposes and combats cyber attacks and cyber theft.
The United States is currently battling its own suspected Chinese attacks of political campaigns and telecommunications companies. Officials have described the telecom breaches as one of the most damaging campaigns on record by suspected Chinese hackers. — Bloomberg