The threat actors behind multiple intrusions targeting Southeast Asian telcos

In this recording of a recent webinar, Assaf Dahan head of threat research at Cybereason Nocturnus, and Mor Levi, VP of global security practices at Cybereason, walk their audience through the espionage operations of various Chinese threat actors operating in Southeast Asia.

The webinar follows the launch of a major threat intelligence research report, DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos, by the Cybreason Nocturnus Research Team, which reveals the latest information on the telco threat landscape and the discovery of DeadRinger.

This new research details the discovery of several previously unidentified attack campaigns targeting the telecommunications industry across Southeast Asia, highlighting several clusters of attack activity which were identified and assessed, and the work of several prominent APT groups who are known to conduct operations aligned with the interests of the Chinese government.

Watch this video to find out:

• How the attackers behind the intrusions attempted to compromise high-profile assets such as Microsoft Exchange servers, domain controllers (DC) and billing systems.
• Who the multiple threat actor groups operating in the interest of China are and how overlaps exist between the clusters.
• The latest adaptive, persistent and sophisticated threat actors, as well as the forensic evidence revealing the attacker’s operation date back to 2017.

Download the report: DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos