NTT Com’s security team isolated both systems within hours of detection, but the delayed identification of the second breach suggests potential gaps in network segmentation (NIST SP 800-53 AC-4) and real-time anomaly detection. The telecom sector faces an imminent threat as Salt Typhoon and similar organizations increase their attacks on the sector: adapt quickly or risk becoming a permanent gateway for global cyberespionage operations. A 2024 Mandiant report notes a 214% year-over-year increase in telecom-focused APT activity, primarily targeting call detail records (CDRs) and SS7/Diameter signaling protocols to enable surveillance or SIM swap attacks. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Cybersecurity firms advocate immediate adoption of 3GPP’s 5G Security Assurance Specifications (SCAS) to harden network functions virtualization (NFV) environments. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. Salt Typhoon’s documented tactics include exploiting VPN vulnerabilities (CVE-2023-46805) and deploying custom web shells (MITRE ATT&CK T1505.003) to maintain persistence in telecom networks. While the company confirmed the corporate impact, it has not yet disclosed how many individual employee records were exfiltrated, leaving affected organizations uncertain about downstream privacy risks. She is covering various cyber security incidents happening in the Cyber Space. NTT Com enacted its incident response playbook within 90 minutes of the initial breach detection, according to internal timelines shared with regulators.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 12 Mar 2025 00:25:17 +0000