Symantec has discovered Chinese hacking of telecoms and satellites

Ryan Daws is a senior editor at TechForge Media with over a decade of experience in crafting compelling narratives and making complex topics accessible. His articles and interviews with industry leaders have earned him recognition as a key influencer by organisations like Onalytica. Under his leadership, publications have been praised by analyst firms such as Forrester for their excellence and performance. Connect with him on X (@gadget_ry) or Mastodon (

Cybersecurity firm Symantec has exposed Chinese hacking of satellite communications and telecoms in the United States and Southeast Asia.

The company’s AI-based Targeted Attack Analytics (TAA) system helped researchers expose a hacking campaign from a group called Thrip.

On the surface, Symantec said the activity looked innocuous. TAA alerted Symantec’s investigation team and set them on the path to discovering the attack from a group the company has been monitoring since 2013.

“This is likely espionage,” said Greg Clark, Symantec CEO. “The Thrip group has been working since 2013 and their latest campaign uses standard operating system tools, so targeted organisations won’t notice their presence.”

“They operate very quietly, blending into networks, and are only discovered using artificial intelligence that can identify and flag their movements. Alarmingly, the group seems keenly interested in telecom, satellite operators, and defense companies. We stand ready to work with appropriate authorities to address this serious threat.”

Symantec followed the trail back to machines originating in mainland China where they were using legitimate operating system features and network administration tools in the attempt to evade detection.

The group’s likely motive is espionage according to Symantec, but a ‘more aggressive, disruptive stance’ could be adopted as it compromises operational systems.

With the current lack of trust in the use of Chinese telecoms equipment over national security concerns from the likes of Australia and the United States, this latest report from Symantec won’t help to quell those fears.

What are your thoughts on Symantec’s findings? Let us know in the comments. in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming event in Silicon Valley, London and Amsterdam to learn more.

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *