telecommunications
Auto Added by WPeMatico
Auto Added by WPeMatico
Germany is resisting US pressure to shut out Chinese tech giant Huawei from its 5G networks — saying it will not ban any supplier for the next-gen mobile networks on an up front basis, per Reuters.
“Essentially our approach is as follows: We are not taking a pre-emptive decision to ban any actor, or any company,” government spokesman, Steffen Seibert, told a news conference in Berlin yesterday.
The country’s Federal Network Agency is slated to be publishing detailed security guidance on the technical and governance criteria for 5G networks in the next few days.
The next-gen mobile technology delivers faster speeds and lower latency than current-gen cellular technologies, as well as supporting many more connections per cell site. So it’s being viewed as the enabling foundation for a raft of futuristic technologies — from connected and autonomous vehicles to real-time telesurgery.
But increased network capabilities that support many more critical functions means rising security risk. The complexity of 5G networks — marketed by operators as “intelligent connectivity” — also increases the surface area for attacks. So future network security is now a major geopolitical concern.
German business newspaper Handelsblatt, which says it has reviewed a draft of the incoming 5G security requirements, reports that chancellor Angela Merkel stepped in to intervene to exclude a clause which would have blocked Huawei’s market access — fearing a rift with China if the tech giant is shut out.
Earlier this year it says the federal government pledged the highest possible security standards for regulating next-gen mobile networks, saying also that systems should only be sourced from “trusted suppliers”. But those commitments have now been watered down by economic considerations at the top of the German government.
The decision not to block Huawei’s access has attracted criticism within Germany, and flies in the face of continued US pressure on allies to ban the Chinese tech giant over security and espionage risks.
The US imposed its own export controls on Huawei in May.
A key concern attached to Huawei is that back in 2017 China’s Communist Party passed a national intelligence law which gives the state swingeing powers to compel assistance from companies and individuals to gather foreign and domestic intelligence.
For network operators outside China the problem is Huawei has the lead as a global 5G supplier — meaning any ban on it as a supplier would translate into delays to network rollouts. Years of delay and billions of dollars of cost to 5G launches, according to warnings by German operators.
Another issue is that Huawei’s 5G technology has also been criticized on security grounds.
A report this spring by a UK oversight body set up to assess the company’s approach to security was damning — finding “serious and systematic defects” in its software engineering and cyber security competence.
Though a leak shortly afterwards from the UK government suggested it would allow Huawei partial access — to supply non-core elements of networks.
An official UK government decision on Huawei has been delayed, causing ongoing uncertainty for local carriers. In the meanwhile a government review of the telecoms supply chain this summer called for tougher security standards and updated regulations — with major fines for failure. So it’s possible that stringent UK regulations might sum to a de facto ban if Huawei’s approach to security isn’t seen to take major steps forward soon.
According to Handelsblatt’s report, Germany’s incoming guidance for 5G network operators will require carriers identify critical areas of network architecture and apply an increased level of security. (Although it’s worth pointing out there’s ongoing debate about how to define critical/core network areas in 5G networks.)
The Federal Office for Information Security (BSI) will be responsible for carrying out security inspections of networks.
Last week a pan-EU security threat assessment of 5G technology highlighted risks from “non-EU state or state-backed actors” — in a coded jab at Huawei.
The report also flagged increased security challenges attached to 5G vs current gen networks on account of the expanded role of software in the networks and apps running on 5G. And warned of too much dependence on individual 5G suppliers, and of operators relying overly on a single supplier.
Shortly afterwards the WSJ obtained a private risk assessment by EU governments — which appears to dial up regional concerns over Huawei, focusing on threats linked to 5G providers in countries with “no democratic and legal restrictions in place”.
Among the discussed risks in this non-public report are the insertion of concealed hardware, software or flaws into 5G networks; and the risk of uncontrolled software updates, backdoors or undocumented testing features left in the production version of networking products.
“These vulnerabilities are not ones which can be remedied by making small technical changes, but are strategic and lasting in nature,” a source familiar with the discussions told the WSJ — which implies that short term economic considerations risk translating into major strategic vulnerabilities down the line.
5G alternatives are in short supply, though.
US Senator Mark Warner recently floated the idea of creating a consortium of ‘Five Eyes’ allies — aka the U.S., Australia, Canada, New Zealand and the UK — to finance and build “a Western open-democracy type equivalent” to Huawei.
But any such move would clearly take time, even as Huawei continues selling services around the world and embedding its 5G kit into next-gen networks.
Powered by WPeMatico
European Union Member States have published a joint risk assessment report into 5G technology which highlights increased security risks that will require a new approach to securing telecoms infrastructure.
The EU has so far resisted pressure from the U.S. to boycott Chinese tech giant Huawei as a 5G supplier on national security grounds, with individual Member States such as the UK also taking their time to chew over the issue.
But the report flags risks to 5G from what it couches as “non-EU state or state-backed actors” — which can be read as diplomatic code for Huawei. Though, as some industry watchers have been quick to point out, the label could be applied rather closer to home in the near future, should Brexit comes to pass…
Some parts of the 5G report on risk of non-EU cyberattacks may accidentally gain a new unexpected meaning after #Brexit (https://t.co/o7gyV0hqCv) https://t.co/VgU30kRz4p
— Lukasz Olejnik (@lukOlejnik) October 9, 2019
Back in March, as European telecom industry concern swirled about how to respond to US pressure to block Huawei, the Commission stepped in to issue a series of recommendations — urging Member States to step up individual and collective attention to mitigate potential security risks as they roll out 5G networks.
Today’s risk assessment report follows on from that.
It identifies a number of “security challenges” that the report suggests are “likely to appear or become more prominent in 5G networks” vs current mobile networks — linked to the expanded use of software to run 5G networks; and software and apps that will be enabled by and run on the next-gen networks.
The role of suppliers in building and operating 5G networks is also noted as a security challenge, with the report warning of a “degree of dependency on individual suppliers”, and also of too many eggs being placed in the basket of a single 5G supplier.
Summing up the effects expected to follow 5G rollouts, per the report, it predicts:
The high level report is a compilation of Member States’ national risk assessments, working with the Commission and the European Agency for Cybersecurity. It’s couched as just a first step in developing a European response to securing 5G networks.
“It highlights the elements that are of particular strategic relevance for the EU,” the report says in self-summary. “As such, it does not aim at presenting an exhaustive analysis of all relevant aspects or types of individual cybersecurity risks related to 5G networks.”
The next step will be the development, by December 31, of a toolbox of mitigating measures, agreed by the Network and Information Systems Cooperation Group, which will be aimed at addressing identified risks at national and Union level.
“By 1 October 2020, Member States – in cooperation with the Commission – should assess the effects of the Recommendation in order to determine whether there is a need for further action. This assessment should take into account the outcome of the coordinated European risk assessment and of the effectiveness of the measures,” the Commission adds.
For the toolbox a variety of measures are likely to be considered, per the report — consisting of existing security requirements for previous generations of mobile networks with “contingency approaches” that have been defined through standardisation by the mobile telephony standards body, 3GPP, especially for core and access levels of 5G networks.
But it also warns that “fundamental differences in how 5G operates also means that the current security measures as deployed on 4G networks might not be wholly effective or sufficiently comprehensive to mitigate the identified security risks”, adding that: “Furthermore, the nature and characteristics of some of these risks makes it necessary to determine if they may be addressed through technical measures alone.
“The assessment of these measures will be undertaken in the subsequent phase of the implementation of the Commission Recommendation. This will lead to the identification of a toolbox of appropriate, effective and proportionate possible risk management measures to mitigate cybersecurity risks identified by Member States within this process.”
The report concludes with a final line saying that “consideration should also be given to the development of the European industrial capacity in terms of software development, equipment manufacturing, laboratory testing, conformity evaluation, etc” — packing an awful lot into a single sentence.
The implication is that the business of 5G security will need to get commensurately large to scale to meet the multi-dimensional security challenge that goes hand in glove with the next-gen tech. Just banning a single supplier isn’t going to cut it.
Powered by WPeMatico
On September 17, HTC announced that cofounder Cher Wang would be stepping down as CEO. In her place, Yves Maitre stepped into the role of Chief Executive, after more than a decade at French telecom giant, Orange.
It’s a tough job at an even tougher time. The move comes on the tail of five consecutive quarterly losses and major layoffs, including a quarter of the company’s staff, which were let go in July of last year.
It’s a far fall for a company that comprised roughly 11 percent of global smartphone sales, some eight years ago. These days, HTC is routinely relegated to the “other” column when these figures are published.
All of this is not to say that the company doesn’t have some interesting irons in the fire. With Vive, HTC has demonstrated its ability to offer a cutting edge VR platform, while Exodus has tapped into an interest in exploring the use of blockchain technologies for mobile devices.
Of course, neither of these examples show any sign of displacing HTC’s once-booming mobile device sales. And this January’s $1.1 billion sale of a significant portion of its hardware division to Google has left many wondering whether it has much gas left in the mobile tank.
With Wang initially scheduled to appear on stage at Disrupt this week, the company ultimately opted to have Maitre sit in on the panel instead. In preparation for the conversation, we sat down with the executive to discuss his new role and future of the struggling Taiwanese hardware company.
Powered by WPeMatico
Chinese mobile phone and device maker Transsion has listed in an IPO on Shanghai’s STAR Market, a Transsion spokesperson confirmed to TechCrunch.
Headquartered in Shenzhen, Transsion is a top seller of smartphones in Africa under its Tecno brand. The company has also started to support venture funding of African startups.
Transsion issued 80 million A shares at an opening price of 35.15 yuan (≈ $5.00) to raise 2.8 billion yuan (or ≈ $394 million).
A shares are the common shares issued by mainland Chinese companies and are normally available for purchases only by mainland citizens.
Transsion’s IPO prospectus is downloadable (in Chinese) and its STAR Market listing application is available on the Shanghai Stock Exchange’s website.
STAR is the Shanghai Stock Exchange’s new Nasdaq-style board for tech stocks that went live in July with some 25 companies going public.
Transsion plans to spend 1.6 billion yuan (or $227 million) of its STAR Market raise on building more phone assembly hubs, and around 430 million yuan ($62 million) on research and development, including a mobile phone R&D center in Shanghai, a company spokesperson said.
To support its African sales network, Transsion maintains a manufacturing facility in Ethiopia. The company recently announced plans to build an industrial park and R&D facility in India for manufacture of phones to Africa.
The IPO comes after Transsion announced its intent to go public and filed its first docs with the Shanghai Stock Exchange in April.
Listing on STAR Market puts Transsion on China’s new exchange — seen as an extension of Beijing’s ambition to become a hub for tech startups to raise public capital. Chinese regulators lowered profitability requirements for the STAR Market, which means pre-profit ventures can list.

Transsion’s IPO comes when the company is actually in the black. The firm generated 22.6 billion yuan ($3.29 billion) in revenue in 2018, up from 20 billion yuan a year earlier. Net profit for the year slid to 654 million yuan, down from 677 million yuan in 2017, according to the firm’s prospectus.
Transsion sold 124 million phones globally in 2018, per company data. In Africa, Transsion holds 54% of the feature phone market — through its brands Tecno, Infinix and Itel — and in smartphone sales is second to Samsung and before Huawei, according to International Data Corporation stats.
Transsion has R&D centers in Nigeria and Kenya and its sales network in Africa includes retail shops in Nigeria, Kenya, Tanzania, Ethiopia and Egypt. The company also attracted attention for being one of the first known device makers to optimize its camera phones for African complexions.
On a 2019 research trip to Addis Ababa, TechCrunch learned the top entry-level Tecno smartphone was the W3, which lists for 3,600 Ethiopian Birr, or roughly $125.
In Africa, Transsion’s ability to build market share and find a sweet spot with consumers on price and features gives it prominence in the continent’s booming tech scene.
Africa already has strong mobile-phone penetration, but continues to undergo a conversion from basic USSD phones, to feature phones, to smartphones.
Smartphone adoption on the continent is low, at 34%, but expected to grow to 67% by 2025, according to GSMA.
This, added to an improving internet profile, is key to Africa’s tech scene. In top markets for VC and startup origination — such as Nigeria, Kenya and South Africa — thousands of ventures are building business models around mobile-based products and digital applications.

If Transsion’s IPO enables higher smartphone conversion on the continent, that could enable more startups and startup opportunities — from fintech to VOD apps.
Another interesting facet to Transsion’s IPO is its potential to create greater influence from China in African tech, in particular as the Shenzhen company moves more definitely toward venture investing.
In August, Transsion-funded Future Hub teamed up with Kenya’s Wapi Capital to source and fund early-stage African fintech startups.
China’s engagement with African startups has been light compared to China’s deal-making on infrastructure and commodities — further boosted in recent years as Beijing pushes its Belt and Road plan.
Transsion’s IPO is the second event this year — after Chinese owned Opera’s venture spending in Nigeria — to reflect greater Chinese influence and investment in the continent’s digital scene.
So in coming years, China could be less known for building roads and bridges in Africa and more for selling smartphones and providing VC for African startups.
Powered by WPeMatico
Amazon has gone live with Amazon Care, a new pilot healthcare service offering that is initially available to its employees in and around the Seattle area. The Amazon Care offering includes both virtual and in-person care, with telemedicine via app, chat and remote video, as well as follow-up visits and prescription drug delivery in person directly at an employee’s home or office.
First reported by CNBC, Amazon Care grew out of an initiative announced in 2018 with J.P. Morgan and Berkshire Hathaway to make a big change in how they all collectively handle their employee healthcare needs. The companies announced at the time that they were eager to put together a solution that was “free from profit-making incentives and constraints,” which are of course at the heart of private insurance companies that serve corporate clients currently.
Other large companies, like Apple, offer their own on-premise and remotely accessible healthcare services as part of their employee compensation and benefits packages, so Amazon is hardly unique in seeking to scratch this itch. The difference, however, is that Amazon Care is much more external-facing than those offered by its peers in Silicon Valley, with a brand identity and presentation that strongly suggests the company is thinking about more than its own workforce when it comes to a future potential addressable market for Care.
Care’s website also provides a look at the app that Amazon developed for the telemedicine component, which shows the flow for choosing between text chat and video, as well as a summary of care provided through the service, with invoices, diagnosis and treatment plans all available for patient review.
Amazon lists Care as an option for a “first stop,” with the ability to handle things like colds, infections, minor injuries, preventative consultations, lab work, vaccinations, contraceptives and STI testing and general questions. Basically, it sounds like they cover a lot of what you’d handle at your general practitioner, before being recommended on for any more specialist or advanced medical treatment or expertise.
Current eligibility is limited to Amazon’s employees who are enrolled in the company’s health insurance plan and who are located in the pilot service geographical area. The service is currently available between 8 AM and 9 PM local time, Monday through Friday, and between 8 AM and 6 PM Saturday and Sunday.
Amazon acquired PillPack last year, an online pharmacy startup, for around $753 million, and that appears to be part of their core value proposition with Amazon Care, too, which features couriered prescribed medications and remotely communicated treatment plans.
Amazon may be limiting this pilot to employees at launch, but the highly publicized nature of their approach, and the amount of product development that clearly went into developing the initial app, user experience and brand all indicate that it has the broader U.S. market in mind as a potential expansion opportunity down the line. Recent reports also suggest that it’s going to make a play in consumer health with new wearable fitness tracking devices, which could very nicely complement insurance and healthcare services offered at the enterprise and individual level. Perhaps not coincidentally, Walgreens, CVS and McKesson stock were all trading down today.
Powered by WPeMatico
T-Mobile customers across the U.S. say they can’t make calls or send text messages following an apparent outage — although mobile data appears to be unaffected.
We tested with a T-Mobile phone in the office. Both calls to and from the T-Mobile phone failed. When we tried to send a text message, it said the message could not be sent. The outage began around 3pm PT (6pm ET).
Users took to social media to complain about the outage. It’s not clear how many customers are affected, but users across the U.S. have said they are affected.
A T-Mobile support account said the cell giant has “engaged our engineers and are working on a resolution.”
In a tweet two hours into the outage, chief executive John Legere acknowledged the outage, adding that the company has “already started to see signs of recovery.”
T-Mobile is the third largest cell carrier after Verizon (which owns TechCrunch) and AT&T. The company had its proposed $26.5 billion merger with Sprint approved by the Federal Communications Commission, despite a stream of state attorneys general lining up to block the deal.
Updated with acknowledgement by chief executive John Legere.
Powered by WPeMatico
Two major U.S. carriers, AT&T and T-Mobile, announced this morning a plan to team up to protect their respective customer bases from the scourge of scam robocalls. The two companies will today begin to roll out new cross-network call authentication technology based on the STIR/SHAKEN standards — a sort of universal caller ID system designed to stop illegal caller ID spoofing.
Robocalls have become a national epidemic. In 2018, U.S. mobile users received nearly 48 million robocalls — or more than 150 calls per adult, the carriers noted.
A huge part of the problem is that these calls now often come in with a spoofed phone number, making it hard for consumers to screen out unwanted calls on their own. That’s led to a rise in robocall blocking and screening apps. Even technology companies have gotten involved, with Google introducing a new AI call screener in Android and Apple rolling out Siri-powered spam call detection with iOS 13.
To help fight the call spoofing problem, the industry put together a set of standards called STIR/SHAKEN (Secure Telephony Identity Revisited / Secure Handling of Asserted information using toKENs), which effectively signs calls as “legitimate” as they travel through the interconnected phone networks.
However, the industry has been slow to roll out the system, which prompted the FCC to finally step in.
In November 2018, FCC Chairman Ajit Pai wrote to U.S. mobile operators, asking them to outline their plans around the implementation of the STIR/SHAKEN standards. The regulator also said that it would step in to mandate the implementation if the carriers didn’t meet an end-of-2019 deadline to get their call authentication systems in place.
Today’s news from AT&T and T-Mobile explains how the two will work together to authenticate calls across their networks. By implementing STIR/SHAKEN, calls will have their Caller ID signed as legitimate by the originating carrier, then validated by other carriers before they reach the consumer. Spoofed calls would fail this authentication process, and not be marked as “verified.”
As more carriers participate in this sort of authentication, more calls can be authenticated.
However, this system alone won’t actually block the spam calls — it just gives the recipient more information. In addition, devices will have to support the technology, as well, in order to display the new “verification” information.
T-Mobile earlier this year was first to launch a caller verification system on the Samsung Galaxy Note9, and today it still only works with select Android handsets from Samsung and LG. AT&T meanwhile, announced in March it was working with Comcast to exchange authenticated calls between two separate networks — a milestone in terms of cooperation between two carriers. T-Mobile and Comcast announced their own agreement in April.
The news also follows a statement by Chairman Pai that says the FCC will sign off to approve a T-Mobile/Sprint merger, as has been expected.
Powered by WPeMatico
Chinese mobile-phone and device maker Transsion will list in an IPO on Shanghai’s STAR Market, Transsion confirmed to TechCrunch.
The company — which has a robust Africa sales network — could raise up to 3 billion yuan (or $426 million).
“The company’s listing-related work is running smoothly. The registration application and issuance process is still underway, with the specific timetable yet to be confirmed by the CSRC and Shanghai Stock Exchange,” a spokesperson for Transsion’s Office of the Secretary to the Chairman told TechCrunch via email.
Transsion’s IPO prospectus is downloadable (in Chinese) and its STAR Market listing application available on the Shanghai Stock Exchange’s website.
STAR is the Shanghai Stock Exchange’s new Nasdaq-style board for tech stocks that also went live in July with some 25 companies going public.
Headquartered in Shenzhen — where African e-commerce unicorn Jumia also has a logistics supply-chain facility — Transsion is a top-seller of smartphones in Africa under its Tecno brand.
The company has a manufacturing facility in Ethiopia and recently expanded its presence in India.
Transsion plans to spend the bulk of its STAR Market raise (1.6 billion yuan or $227 million) on building more phone assembly hubs and around 430 million yuan ($62 million) on research and development, including a mobile phone R&D center in Shanghai, a company spokesperson said.
Transsion recently announced a larger commitment to capturing market share in India, including building an industrial park in the country for manufacture of phones to Africa.
The IPO comes after Transsion announced its intent to go public and filed its first docs with the Shanghai Stock Exchange in April.
Listing on the STAR Market will put Transsion on the freshly minted exchange seen as an extension of Beijing’s ambition to become a hub for high-potential tech startups to raise public capital. Chinese regulators lowered profitability requirements for the exchange, which means pre-profit ventures can list.
Transsion’s IPO process comes when the company is actually in the black. The firm generated 22.6 billion yuan ($3.29 billion) in revenue in 2018, up from 20 billion yuan a year earlier. Net profit for the year slid to 654 million yuan, down from 677 million yuan in 2017, according to the firm’s prospectus.
Transsion sold 124 million phones globally in 2018, per company data. In Africa, Transsion holds 54% of the feature phone market — through its brands Tecno, Infinix and Itel — and in smartphone sales is second to Samsung and before Huawei, according to International Data Corporation stats.
Transsion has R&D centers in Nigeria and Kenya and its sales network in Africa includes retail shops in Nigeria, Kenya, Tanzania, Ethiopia and Egypt. The company also attracted attention for being one of the first known device makers to optimize its camera phones for African complexions.
On a recent research trip to Addis Ababa, TechCrunch learned the top entry-level Tecno smartphone was the W3, which lists for 3,600 Ethiopian Birr, or roughly $125.
In Africa, Transsion’s ability to build market share and find a sweet spot with consumers on price and features gives it prominence in the continent’s booming tech scene.
Africa already has strong mobile-phone penetration, but continues to undergo a conversion from basic USSD phones, to feature phones, to smartphones.
Smartphone adoption on the continent is low, at 34%, but expected to grow to 67% by 2025, according to GSMA.
This, added to an improving internet profile, is key to Africa’s tech scene. In top markets for VC and startup origination — such as Nigeria, Kenya, and South Africa — thousands of ventures are building business models around mobile-based products and digital applications. 
If Transsion’s IPO enables higher smartphone conversion on the continent, that could enable more startups and startup opportunities — from fintech to VOD apps.
Another interesting facet to Transsion’s IPO is its potential to create greater influence from China in African tech, in particular if the Shenzhen company moves strongly toward venture investing.
China’s engagement with African startups has been light compared to China’s deal-making on infrastructure and commodities — further boosted in recent years as Beijing pushes its Belt and Road plan.
Transsion’s IPO move is the second recent event — after Chinese owned Opera’s big venture spending in Nigeria — to reflect greater Chinese influence and investment in the continent’s digital scene.
So in coming years, China could be less known for building roads and bridges in Africa and more for selling smartphones and providing VC for African startups.
Powered by WPeMatico
Cybereason, which uses machine learning to increase the number of endpoints a single analyst can manage across a network of distributed resources, has raised $200 million in new financing from SoftBank Group and its affiliates.
It’s a sign of the belief that SoftBank has in the technology, since the Japanese investment firm is basically doubling down on commitments it made to the Boston-based company four years ago.
The company first came to our attention five years ago when it raised a $25 million financing from investors, including CRV, Spark Capital and Lockheed Martin.
Cybereason’s technology processes and analyzes data in real time across an organization’s daily operations and relationships. It looks for anomalies in behavior across nodes on networks and uses those anomalies to flag suspicious activity.
The company also provides reporting tools to inform customers of the root cause, the timeline, the person involved in the breach or breaches, which tools they use and what information was being disseminated within and outside of the organization.
For co-founder Lior Div, Cybereason’s work is the continuation of the six years of training and service he spent working with the Israeli army’s 8200 Unit, the military incubator for half of the security startups pitching their wares today. After his time in the military, Div worked for the Israeli government as a private contractor reverse-engineering hacking operations.
Over the last two years, Cybereason has expanded the scope of its service to a network that spans 6 million endpoints tracked by 500 employees, with offices in Boston, Tel Aviv, Tokyo and London.
“Cybereason’s big data analytics approach to mitigating cyber risk has fueled explosive expansion at the leading edge of the EDR domain, disrupting the EPP market. We are leading the wave, becoming the world’s most reliable and effective endpoint prevention and detection solution because of our technology, our people and our partners,” said Div, in a statement. “We help all security teams prevent more attacks, sooner, in ways that enable understanding and taking decisive action faster.”
The company said it will use the new funding to accelerate its sales and marketing efforts across all geographies and push further ahead with research and development to make more of its security operations autonomous.
“Today, there is a shortage of more than three million level 1-3 analysts,” said Yonatan Striem-Amit, chief technology officer and co-founder, Cybereason, in a statement. “The new autonomous SOC enables SOC teams of the future to harness technology where manual work is being relied on today and it will elevate L1 analysts to spend time on higher value tasks and accelerate the advanced analysis L3 analysts do.”
Most recently the company was behind the discovery of Operation SoftCell, the largest nation-state cyber espionage attack on telecommunications companies.
That attack, which was either conducted by Chinese-backed actors or made to look like it was conducted by Chinese-backed actors, according to Cybereason, targeted a select group of users in an effort to acquire cell phone records.
As we wrote at the time:
… hackers have systematically broken in to more than 10 cell networks around the world to date over the past seven years to obtain massive amounts of call records — including times and dates of calls, and their cell-based locations — on at least 20 individuals.
Researchers at Boston-based Cybereason, who discovered the operation and shared their findings with TechCrunch, said the hackers could track the physical location of any customer of the hacked telcos — including spies and politicians — using the call records.
Lior Div, Cybereason’s co-founder and chief executive, told TechCrunch it’s “massive-scale” espionage.
Call detail records — or CDRs — are the crown jewels of any intelligence agency’s collection efforts. These call records are highly detailed metadata logs generated by a phone provider to connect calls and messages from one person to another. Although they don’t include the recordings of calls or the contents of messages, they can offer detailed insight into a person’s life. The National Security Agency has for years controversially collected the call records of Americans from cell providers like AT&T and Verizon (which owns TechCrunch), despite the questionable legality.
It’s not the first time that Cybereason has uncovered major security threats.
Back when it had just raised capital from CRV and Spark, Cybereason’s chief executive was touting its work with a defense contractor who’d been hacked. Again, the suspected culprit was the Chinese government.
As we reported, during one of the early product demos for a private defense contractor, Cybereason identified a full-blown attack by the Chinese — 10,000 thousand usernames and passwords were leaked, and the attackers had access to nearly half of the organization on a daily basis.
The security breach was too sensitive to be shared with the press, but Div says that the FBI was involved and that the company had no indication that they were being hacked until Cybereason detected it.
Powered by WPeMatico
In an era of massive data breaches, most recently the Capital One fiasco, the risk of a cyberattack and the costly consequences are the top existential threat to corporations big and small. At TechCrunch’s first-ever enterprise-focused event (p.s. early-bird sales end August 9), that topic will be front and center throughout the day.
That’s why we’re delighted to announce United’s chief information security officer Emily Heath will join TC Sessions: Enterprise in San Francisco on September 5, where we will discuss and learn how one of the world’s largest airlines keeps its networks safe.
Joining her to talk enterprise security will be a16z partner Martin Casado and DUO / Cisco’s head of advisory CISOs Wendy Nather, among others still to be announced.
At United, Heath oversees the airline’s cybersecurity program and its IT regulatory, governance and risk management.
The U.S.-based airline has more than 90,000 employees serving 4,500 flights a day to 338 airports, including New York, San Francisco, Los Angeles and Washington, D.C.
A native of Manchester, U.K., Heath served as a former police detective in the U.K. Financial Crimes Unit where she led investigations into international investment fraud, money laundering and large scale cases of identity theft — and ran joint investigations with the FBI, SEC and London’s Serious Fraud Office.
Heath and her teams have been the recipients of CSO Magazine’s CSO50 Awards for their work in cybersecurity and risk.
At TC Sessions: Enterprise, Heath will join a panel of cybersecurity experts to discuss security on enterprise networks large and small — from preventing data from leaking to keeping bad actors out of their network — where we’ll learn how a modern CSO moves fast without breaking things.
Join hundreds of today’s leading enterprise experts for this single-day event when you purchase a ticket to the show. The $249 early-bird sale ends Friday, August 9. Make sure to grab your tickets today and save $100 before prices go up.
Powered by WPeMatico