A United States-based cybersecurity company said that 13 telecommunications companies across the world were hacked by an entity named LightBasin, publicly known as UNC1945. "CrowdStrike identified evidence of at least 13 telecommunication companies across the world compromised by LightBasin dating back to at least 2019," said a blogpost by the cybersecurity company. Although, during its investigation CrowdStrike found evidence of Chinese language in LightBasin's data, the company did not assert a nexus between LightBasin and China. MediaNama has reached out to CrowdStrike for more details such as the names of the telecommunications companies that were affected. In brief, the cybersecurity company said LightBasin took advantage of the lax security protocols on Linux/Solaris systems – usually used by telecommunications companies. "LightBasin’s focus on Linux and Solaris systems is likely due to the combination of critical telecommunications infrastructure running on those operating systems, in addition to the comparatively lax security measures and monitoring solutions on Linux/Solaris systems that are typically in place on Windows operating systems within an organization," said CrowdStrike. The data that was accessed by LightBasin includes subscriber information and call metadata. This cyber attack is reminiscent of the alleged China-backed attack on India's critical infrastructure systems such as power companies in Telangana and other states. Although it is not yet confirmed whether Chinese state actors are involved in this cyber-attack, or whether any major Indian telcos were affected, it must be pointed out that India still does not have a data protection law, and the National Cyber Security Strategy…
