SINGAPORE – Singapore Telecommunications Ltd., Singapore’s largest mobile carrier, was breached this summer by Chinese state-backed hackers as part of a broader campaign against telecommunications companies and other critical infrastructure operators around the world, according to two people familiar with the matter.

The previously undisclosed breach was discovered in June and investigators believe it was carried out by a hacking group known as Volt Typhoon, according to two people who asked not to be identified to discuss a confidential investigation.

Officials in the US, Australia, Canada, the UK and New Zealand (the “Five Eyes” intelligence sharing alliance) warned in early 2024 that: Volt Typhoon was settling into compromised IT networks Giving China the ability to launch devastating cyberattacks in the event of a military conflict with the West.

The breach of Singtel, a carrier operating in Southeast Asia and Australia, was seen as a test by China for further attacks on US telecommunications companies, and information from the attack provided clues about the expanding scope of China’s suspected attacks on them. Sources said critical infrastructure was located abroad, including in the United States.

In an emailed response to Bloomberg News’ questions, Singtel did not directly answer questions about the alleged breach. “We understand the importance of network resiliency, especially as we are a major infrastructure service provider,” the company said. “That’s why we embrace industry best practices and work with industry-leading security partners to continually monitor and promptly address the threats we face on a daily basis. “We also regularly review and improve our cybersecurity capabilities and defenses to protect our critical assets from evolving threats.”

Liu Pengyu, a spokesman for the Chinese Embassy in Washington, was quoted by Bloomberg as saying he was not aware of the details, but in general China resolutely opposes and combats cyber attacks and cyber theft.

The United States is currently struggling with suspected Chinese attacks on political campaigns and telecommunications companies. Authorities have described the telecommunications breach as one of the most damaging campaigns recorded by suspected Chinese hackers and an attack they are still trying to fully understand and contain.

AT&T Inc. was involved in U.S. telecommunications attacks that researchers attributed to another Chinese group called Salt Typhoon. and Verizon Communications Inc. were among those breached, with hackers potentially accessing systems the federal government uses for court-approved network interception requests. The Wall Street Journal reported in early October.

U.S. intelligence officials say the Chinese hacking group named after Microsoft Corp. Salt Typhoon may be inside US telecommunications companies for months They found a route to an access point for legally permissible wiretapping, according to a person familiar with their views.

AT&T declined to comment. Verizon did not respond to a request for comment.

Through these intrusions, hackers are believed to have targeted the phones of former President Donald Trump, vice president J.D. Vance, and Trump family members, as well as Vice President Kamala Harris’ campaign staff and others, the New York Times reported. .

In the case of the alleged Singtel breach, one of the people familiar with the incident said the attack relied on a tool known as a web shell.

In August, researchers at Lumen Technologies Inc. said in a blog post that they assessed with “moderate confidence” that Volt Typhoon uses such a web shell. According to Lumen researchers, a sample of the malware was first uploaded on June 7 by an unidentified organization in Singapore to VirusTotal, a popular site for security experts to search for malicious code.