June 25 (UPI) -- Hackers have been able to steal cellphone records from more than a dozen wireless providers as part of a massive spying program that targeted dozens of people and businesses, cybersecurity experts said in a new report Tuesday.
The previously undisclosed hacks were reported by research firm Cybereason. The espionage project had the ability to track people's calls, when they call and where they call. That includes spies, executives and politicians, the analysis said.
The firm said the hackers penetrated deeply enough to damage networks, but their focus appeared to be stealing information, not crashing the system. The tools and techniques used in the cyberattacks are consistent with Chinese hacker groups, the study said.
The attacks targeted companies and individuals in more than 30 countries.
Related
"This multi-wave attack focused on obtaining data of specific, high-value targets and resulted in a complete takeover of the network," the report states. "The threat actor was attempting to steal all data stored in the active directory, compromising every single username and password in the organization, along with other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users."
The report does not specify which providers were targeted.
By hacking into providers, hackers can find sensitive user information without having to possess the actual device -- and Cybereason said the attacks are nearly invisible.
Cybereason said the hackers' program, called Operation Soft Cell, goes back to at least 2012 and there's a high probability they are state sponsored.
A report last fall by security firm EfficientIP said the vast majority of the telecommunications industry is substantially unprepared for cyberattacks.
