Cyber Risk in the Telecommunications Sector

Understand more about cyber risk in this sector.

Cyber Risk Graph

Explore how this sector relates to the wider risk graph

Threat Reports

Publicly available threat reporting on cyber attacks against Telecommunications.

Report

Unveiling LIMINAL PANDA: A Closer Look at China's Cyber Threats to the Telecom Sector

This blog post describes LIMINAL PANDA, a China-nexus advanced persistent threat (APT) group identified by CrowdStrike, active since at least ...

Report

Weathering the storm: In the midst of a Typhoon

Salt Typhoon is a highly sophisticated threat actor targeting the telecommunications sector, as detailed in this report from Cisco Talos. ...

Report

The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation

This blog post by Microsoft Threat Intelligence describes the Seashell Blizzard intrusion set and specifically the BadPilot campaign. According to ...

Report

GhostEmperor: From ProxyLogon to kernel mode

Public APT reporting from Kaspersky which outlines the GhostEmperor threat actor, including details of victimology and tooling. GhostEmperor is a ...

Report

Cloaked and Covert: Uncovering UNC3886 Espionage Operations

This article by researchers from Google's Mandiant outlines intrusion activity by UNC3886, a suspected China-nexus cyber espionage group. The ...

Report

APT45: North Korea’s Digital Military Machine

This report from threat intelligence analysts at Google's Mandiant marks the graduation of this cyber actor to a fully designated APT - APT45. The ...

Report

ANALYSIS OF THE APT31 INDICTMENT

Blog post providing analysis of a March 2024 US Department of Justice indictment of 7 hackers associated with APT31. The post details attribution ...

Report

APT41 (Double Dragon): A Dual Espionage and Cyber Crime Operation

This 2022 report by researchers at FireEye threat intelligence outlines the intrusion set they designate as APT41. They describe the group as 'a ...

Report

Unveiling TeleBoyi: Chinese APT Group Targeting Critical Infrastructure Worldwide

This presentation from TeamT5 describes the intrusion set they refer to as TeleBoyi and was presented at JPCERT's JSAC2024 conference on January ...

Report

The Operations of Winnti group

This report from researchers at NTT describes activity which they attribute to the Winnti Group (who they refer to as ENT-1) and identify overlaps ...

Report

AcidPour - New Embedded Wiper Variant of AcidRain Appears in Ukraine

This blog post by researchers at SentinelLabs describes a new variant of the AcidRain malware which they call AcidPour. The report includes ...

Report

People's Republic of China-Linked Cyber Actors Hide in Router Firmware

This Cybersecurity Advisory from CISA and partners details activities of the People's Republic of China (PRC)-linked cyber actors known as ...

Report

GhostSec’s joint ransomware operation and evolution of their arsenal

This Threat Spotlight from Cisco Talos describes the evolution of GhostSec's ransomware operations including their work with the Stormous ...

Report

I-Soon leak: KELA’s insights

This blog post outlines KELA's analysis of the 2024 I-Soon data leak. According to the article, I-Soon had relationships with Chinese governmental ...

Report

RedHotel: A Prolific, Chinese State-Sponsored Group Operating at a Global Scale

This report from Recorded Future's Insikt Group outlines activity by the RedHotel intrusion set. RedHotel is identified as a prominent Chinese ...

Report

Winter Vivern: Uncovering a Wave of Global Espionage

SentinelLabs conducted an investigation into the Winter Vivern Advanced Persistent Threat (APT) group, in part leveraging observations made by The ...

Report

VOLTZITE Espionage Operations Targeting U.S. Critical Systems

This report details activity related to the VOLTZITE intrusion set as observed by Dragos. The report identifies sectors and geographies targeted ...

Report

Putter Panda Intelligence Report

This intelligence report published by CrowdStrike outlines cyber espionage activity against Western companies which they attribute to Putter ...

Report

PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

Following an initial advisory issued in May 2023, this advisory from CISA, NSA and partners outlines information on the broader campaign of cyber ...

Report

APT1: Exposing One of China's Cyber Espionage Units

The APT1 report represents years of work by Mandiant, who analysed data across hundreds of breaches globally. The report identifies APT1 as a ...

MITRE ATT&CK Techniques

MITRE ATT&CK techniques observed in use against Telecommunications.