Expert Insights Cybersecurity News Recap: November 12 –19, 2024

Welcome back to your weekly Expert Insights cybersecurity news roundup.

📧 Got a story to share with our team? Email [email protected].

1. T-Mobile among telecom companies breached by state-backed threat actors in China

pink and purple led light — Image: Mika Baumeister, Unsplash

T-Mobile, AT&T, Verizon, and more have been breached as part of a major Chinese spying operation, reports the Wall Street Journal.

State of play. China-backed hackers conducted a months long campaign to breach telecommunications providers. Their goal was to spy on the cellphone communications of high-value intelligence targets.

The attack reportedly involved exploiting vulnerabilities in routers and it’s suspected artificial intelligence has been used to help access infrastructure over the eight-month campaign.

What was stolen? The WSJ reports that it’s unclear at this stage what T-Mobile data or records have been taken. In the broader campaign, hackers were able to access cellphone lines used by national security officials and politicians, including call logs, text messages, and audio.

During the US election, the Associated Press reported that Chinese hackers had targeted the cellphones of Donald Trump, JD Vance, and people close to the Democratic Presidential campaign.

What the FBI is saying: In a joint statement from the FBI and CISA released on Wednesday, the FBI said:

“The U.S. government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.

Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues.”

2. Winter is coming—along with holiday shopping scams

man in green jacket walking on sidewalk during daytime — Image: Markus Spiske, Unsplash

Season’s greetings! It’s the most wonderful online shopping time of the year—and as usual scam activity is expected to surge.

The UK’s cybersecurity and law enforcement bodies have warned this week that shoppers should be on the lookout for scams and switch on multi-factor authentication to protect digital accounts.

Last year in Britain alone, shoppers reportedly lost over £11.5 million during the holidays. The Black Friday weekend typically sees a 22% increase in fraudulent activity globally, according to NordLayer.

New tools and tricks: The Guardian reports that criminals are leveraging AI to trick shoppers by generating fake product listings and web pages. This can make it harder to detect scams.

Forbes reports there are three main scams to watch for this year: fake brand impersonation scams, credit card skimmers, and malicious advertising loaded with malware.

How to stay safe: Lord Hanson, the UK’s Fraud Minister, said:

“No one is immune to fraud, so shoppers are encouraged to exercise vigilance against tactics that push them to act quickly without thinking. Criminals often create false urgency by using limited time offers or promoting items that seem scarce or not widely available.

If you’ve seen something that doesn’t feel right, stop.

Break the contact and don’t click on any links
Research the company or seller by looking at reviews on trusted review sites”

3. The FTC reports over 50% drop in robocalls since 2021

Some good news? The FTC reported this week that reports of unwanted telemarketing calls have dropped by more than half since 2021.

Consumer reports about unwanted calls have dropped for the third straight year, according to the National Do Not Call Registry Data Book for Fiscal Year 2024.

This year, the FTC has received 1.1 million robocall reports, down from 1.2 million in 2022. Over 3.4 million were reported in 2021, reports BleepingComputer.

Hold, please. In recent years, the FTC has pursued a tough strategy to crack down on scam phone calls. In 2023 the agency announced Operation Stop Scam Calls, a crackdown on illegal telemarketing.

The FTC has also recently banned impersonation of governments and businesses and is taking steps to prevent AI-enabled scam calls. This is significant as AI voice cloning scams are already targeting millions of people.

What’s the strategy? Sam Levine, Director of the FTC’s Bureau of Consumer Protection, said:

“Illegal calls remain a scourge, but the FTC’s strategy to pursue upstream players and equip the agency to confront emerging threats is showing clear signs of success. In the years to come, it will be critical we continue this progress by confronting not only telemarketers but those firms who knowingly profit from scam calls.”

4. NSO Group deployed Pegasus spyware via WhatsApp exploits, court documents reveal

A person holding a cell phone in their hand — Image: Amanz, Unsplash

Pegasus spyware developer NSO Group exploited WhatsApp vulnerabilities to deploy spyware on the messaging app, legal documents have revealed.

As reported by The Hacker News, legal documents released as part of Meta’s ongoing legal dispute with the Israeli-based spyware company have revealed that the “NSO Group repeatedly found ways to install the invasive surveillance tool” on target devices, even after Meta sued the group for doing so.

Why does it matter? The Pegasus spyware is designed to be covertly and remotely installed on iOS and Android devices, enabling the operator to access all text messages, listen into calls, track locations, and more.

The NSO Group markets Pegasus as a tool for governments to fight crime and terrorism, but it has been reported that the software has been used to target journalists, activists, and lawyers around the world.

Zooming out: In 2019, WhatsApp revealed NSO Group software had been used to send malware to over 1,400 phones. In 2021, a database leak revealed that NSO Group customers had, at the time, targeted more than 50,000 phone numbers for surveillance. The US Government blacklisted the NSO Group in 2021.

Meta and the NSO Group are currently involved in an ongoing legal dispute over how the spyware is operated on Meta’s platforms. As reported by DarkReading, “WhatsApp lawyers have sought to portray NSO Group as indeed being liable for Pegasus by attempting to tie the vendor more directly to customer use of the spyware tool.”

5. The “AI Granny” fighting back against scammers

👵 Grandma fights back! O2 has launched an AI-generated “Grandma” who will answer scam phone calls in real time in order to waste scammers’ time.

Trained using real-world scam content, “Daisy” is highly realistic and can trick scammers into thinking they have found the perfect target by impersonating an elderly lady vulnerable to scams.

Daisy can respond to multiple scam calls at the same time and has kept some scammers on the line for as long as 40 minutes at a time.

Her cutting-edge threat prevention tactics include telling meandering stories about her family, talking at length about her passion for knitting, and sending made-up bank details.

A serious note? Generative AI can be an effective tool in preventing cyber-crime by frustrating hackers and providing advice to users in real time.

Expert Insights Q&As Published This Week:

Palo Alto Networks VP: Achieving Zero Trust in 2025
Kaseya Sr Director: Reducing RMM costs and using fewer tools
ESET Chief Security Evangelist: Securing M365 against phishing
Acronis Sr Product Manager: Prioritizing cloud backup Strategies for 2025

That’s all for this week. 👋

We’re back on Thursday for our weekly cybersecurity vendor news roundup.

Expert Insights Cybersecurity Resources: