It has been reported that Ribbon Communications, a key telco services firm in the US, has suffered from a nation state cyber attack that went undetected for almost one year. Here, Ryan McConechy, CTO of Barrier Networks responds to the news.

“This latest breach against a major telecommunications provider is further evidence that the online world has become the preferred playing field for all adversaries today. 

We don’t know which nation state is behind the attack, or what their MO was, but the fact that they were inside the network for as long as a year before being noticed is deeply concerning. 

This could also suggest the attack was executed out of China, as their attackers often rely on living off the land and stealthy techniques to stay under the radar for as long as possible, allowing them to conduct reconnaissance which can advance their objectives in the future.

Ribbon has stated it doesn’t believe any government customers were impacted, but this needs to be verified fully. As we have seen with Salt Typhoon, Chinese threat actors have targeted major telco providers in the past with the specific objective of eavesdropping and collecting data on high ranking officials in government, so it must be made clear whether or not this form of spying has occurred.

As nation state threat actors focus their attention on targeting critical infrastructure and other telco firms, it is essential these organisations are prepared for these assaults. 

The UK government recently updated its cyber-Code of Practice for Telcos, so following the recommendations outlined there is a vital first step.”

For more cybersecurity news, click here