Chinese hacker group allegedly targeted Singtel in telecom attack

A Chinese group called Volt Typhoon allegedly infiltrated Singtel's network in June with suspected state-sponsored malware.

Gigi Onag, Senior Editor, APAC

November 6, 2024

2 Min Read
Singtel billboard showing logo
(Source: tofino/Alamy Stock Photo)

A Chinese state-backed hacker group is believed to have infiltrated Singtel in June, part of a broader campaign against telcos and other critical infrastructure providers worldwide.

Singtel is Singapore's largest mobile carrier with operations in Southeast Asia and Australia.

A Bloomberg report Tuesday (paywall applies) said investigators believe the breach came from a hacking group called Volt Typhoon and is seen as a trial run by China for future cyberattacks targeting US telcos.

Citing two people familiar with the matter, the report added that intelligence from the Singtel attack indicated a widening scope of suspected Chinese critical infrastructure attacks abroad.

Singtel confirmed that malware was detected on its network, which was subsequently dealt with and that the incident was reported to the authorities. No data was taken and there was no impact on Singtel's services.

However, Singtel cannot confirm or verify whether the malware was the exact same event reported by Bloomberg.

"We do not comment on speculation. Singtel conducts regular malware sweeps as part of its cyber posture," the company said.

Suspicious data traffic

Singtel reportedly discovered the network breach after detecting suspicious traffic on a core back-end router and finding what it believed to be sophisticated and possibly state-sponsored malware.

Citing unnamed sources, Bloomberg said the malware was in "listening" mode and did not appear to have been activated for espionage or any other purpose, reinforcing suspicions that the attack was either a test run of a new hacking capability or that its purpose was to create a strategic access point for future attacks.

Earlier this year, the Five Eyes intelligence-sharing alliance of the United States, Australia, Canada, the United Kingdom and New Zealand warned that Volt Typhoon was embedding itself in compromised IT networks to give China the ability to launch disruptive cyberattacks in the event of a military conflict with the West.

In response to the Bloomberg report, Liu Pengyu, spokesman for the Chinese Embassy in Washington, said he was not aware of the details of the cyberattack on Singtel.

"China firmly opposes and combats cyberattacks and cyber theft in all forms," Pengyu said.

Read more about:

Asia

About the Author

Gigi Onag

Senior Editor, APAC, Light Reading

Gigi Onag is Senior Editor, APAC, Light Reading. She has been a technology journalist for more than 15 years, covering various aspects of enterprise IT across Asia-Pacific.

She started with regional IT publications under CMP Asia (now Informa), including Asia Computer Weekly, Intelligent Enterprise Asia and Network Computing Asia and Teledotcom Asia. This was followed by stints with Computerworld Hong Kong and sister publications FutureIoT and FutureCIO. She had contributed articles to South China Morning Post, TechTarget and PC Market among others.

She interspersed her career as a technology editor with a brief sojourn into public relations before returning to journalism, joining the editorial team of Mix Magazine, a MICE publication and its sister publication Business Traveller Asia Pacific.

Gigi is based in Hong Kong and is keen to delve deeper into the region’s wide wild world of telecoms.

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like