13 Global Telecoms attacked by LightBasin hackers
A databreach is a serious risk and unfortunately hard` to avoid these days. The global threat for valuable information stored by #Telecoms has the face of #LightBasin.
LightBasin – skilled hackers
By now, you have probably heard of LightBasin – an APT actor who specialized in targeting MNOs using sophisticated methods. It seems they started to compromise telcos in 2016.
What is specifically important – they managed to achieve persistence. This means the data is transferred from compromised systems on a daily basis – this is not a one-time incident.
It is confirmed that more than 13 operators have been affected up to now, but this could be a tip of the iceberg as new facts are just emerging.
jtendo takes action
jtendo delivers solutions and services to Mobile Network Operators around the world. One of our key areas is network security.
jtendo Security Services are providing highly specialized security audits and incident response services for 20+ operators – mainly in ME and Asia. Our research has resulted in the creation of attack signatures which allows us to provide forensic services for MNOs.
Right after gaining confidence in LightBasin’s unauthorized actions, we decided to scan all platforms and services delivered to date for signs of attacks. We created a service designed to detect indicators of compromise, dedicated specifically for telco core network elements.
How it works?
We use set of in-house developed automated workflows that allows us to verify multiple network elements in a short period of time. If necessary, it is followed by manual verification to minimize the risk of overlooking something essential.
The workflow requires only terminal access to analyzed hosts and is based on a set of checks including: processes, files, attack artefacts, remnants of the use of hacking tools, signaling network protocols anomalies, covert channel detection, host profile match with its actual role.
The security of our customers is our top priority.
We have already deployed the service for our existing telco installation base and we are able to extend it to other core network elements.
We are offering security audit and forensic analysis of operators’ core network architecture as well as surrounding systems.
The experience that we have and the tool we are ready to use to investigate Light Basin’s attacks are at our customers’ disposal and we encourage all our customers to take these responsible steps.
If you want to receive more information don’t hesitate to ask our team!
Visit our profile on LinkedIn
