Chinese Hackers Infiltrate Singapore’s Top Telecommunication Companies

Last year, a Chinese threat actor known as UNC3886 infiltrated each of Singapore’s four major telecommunication service providers – Singtel, StarHub, M1, and Simba – at least once. The hackers gained limited access to critical systems but did not disrupt services.

Following the disclosure of the breaches in July 2025, Singapore launched ‘Operation Cyber Guardian’ to mitigate the adversary’s activities within the telcos’ networks. Limited information was shared about the operation at the time.

“Our investigations have revealed a deliberate and well-planned campaign by UNC3886 against Singapore’s telecommunications sector,” stated Singapore’s Cyber Security Agency (CSA).

The attackers employed a zero-day exploit to bypass telecom firewalls and steal technical data. Additionally, UNC3886 utilized rootkits for stealth and persistence during intrusions.

While all four major operators were compromised, sensitive customer data was not accessed or stolen, and services remained uninterrupted. Reportedly, the CSA and the Infocomm Media Development Authority (IMDA) received alerts from the telcos, which led to an investigation involving over a hundred government investigators.

The immediate response contained the breach, closed access points, and extended monitoring to critical infrastructure, preventing further attacks on other sectors like banking, transport, and healthcare.

Singapore’s Minister for Digital Development and Information, Josephine Teo, emphasized the importance of cyber defense efforts in mitigating damage from cyberattacks.

Notably, state-backed hackers affiliated with China, labeled Salt Typhoon, breached U.S. broadband providers in 2024 and targeted Canadian telecom firms in 2025. UNC3886, tracked by Mandiant researchers since 2023, exploits zero-day vulnerabilities in various technology products.

While the specific zero-day used in the Singapore attacks was not disclosed, the authorities’ swift response contained the breach and minimized potential damages.
