ISLAMABAD – A group of Iranian hackers known as *Greenbug* has beentargeting IT systems around South Asia for several months, cybersecurityfirm Symantec reported on Friday.
The group has targeted at least three telecom firms in Pakistan andaccessed data servers when it suits them. The report does not reveal thespecific companies being targeted but describes how the group has beenattacking them.
The group uses virtual “tunnels” to stay connected to the victim’s machineswithout a trace. They use this to access other machines on the same networkand valuable information.
Jon DiMaggio, senior cyber threat analyst at Symantec explained Greenbug’sdrive to stay connected to Pakistani telecom companies after beingdiscovered saying:
As we would close one door, they would attempt to come back from another.
This isn’t the first time a hacker group has been involved in attacksagainst telecom companies. According to Symantec, 18 different hackinggroups linked to various governments around the globe targeted telecomfirms in 2019. A Chinese group managed to breach over 10 cellular providersin Asia, Middle East, Europe, and Africa.
Read Top Stories
Symantec believes that telecom companies will always be in the crosshairsof such attacks as they provide a treasure trove of information on thecompany’s entire user database. While US telecom giants such as AT&T andVerizon have heavily invested in protection against such attacks, not allcompanies have the same resources as them.
In the end, the report recommends firms to keep their systems up to datewith the latest security features and patches as doing so automaticallyremoves most vulnerabilities in a system.
For technical details, we recommend reading Symantec’s original reportlink.
