Cybereason observed overlaps in attacker tactics, techniques, and procedures across the clusters, which indicates a likely connection between the threat actors. This supports the assessment that each group was tasked with parallel objectives in monitoring the communications of specific high-value targets under the direction of a centralised coordinating body aligned with Chinese state interests.
Cybersecurity solutions provider Cybereason has revealed that Chinese threat actors were responsible for several previously unidentified cyberattack campaigns infiltrating major telecommunications providers (telcos) across Southeast Asia.
The company has identified three distinct clusters of attacks that have evaded detection since at least 2017. The clusters were found to have varying degrees of connection to Advanced Persistent Threat (APT) groups Soft Cell, Naikon and Group-3390 — all known to operate in the interest of the Chinese government.

