Hackers steal user database from European telecommunications standards body

Siva Ramakrishnan
A nonprofit institution for developing communications standards said hackers have stolen a database identifying its users.

A nonprofit institution for developing communications standards said hackers have stolen a database identifying its users.

The European Telecommunications Standards Institute (ETSI) announced the incident last week. It is not yet clear whether the attack was financially motivated or if the hackers had intended to acquire the list of users for espionage purposes.

Following the incident, ETSI, which is based in the Sophia Antipolis technology park in the French Riviera, said it brought in France’s cybersecurity agency ANSSI “to investigate and repair the information systems.”

The nonprofit said the “vulnerability on which the attack was based has been fixed,” although it did not identify the vulnerability. A spokesperson declined to clarify whether this had been a known vulnerability or a zero-day at the time of the attack.

“Under the guidance of ANSSI experts, ETSI has fixed the vulnerability, undertaken additional security actions and significantly strengthened its IT security procedures. Following this incident, ETSI asked their online service users to change their passwords,” the institution stated.

A judicial inquiry — effectively the investigation phase of criminal proceedings in France — is underway, and the French data protection authority has been informed of the data breach, said ETSI.

In the statement on the institution’s web page, the director-general Luis Jorge Romero described the hack as a “crisis” and thanked ANSSI for helping the body “determine the remedial actions to be taken, and to strengthen the security of our systems.”

ETSI has more than 900 member organizations from over 60 countries, including “large and small private companies, research entities, academia, government and public organizations.” It’s unclear what information about them was in the stolen database.

Telecommunications standards are a fraught topic internationally. As articulated by Ian Levy, the former technical director of Britain’s National Cyber Security Centre, these standards encode social values and have a material impact on the ways our society functions.

Last year, diplomats and industry representatives gathered in the Romanian capital of Bucharest to elect officials running the U.N.’s International Telecommunications Union, an obscure agency that has over the past decade become one of the most vigorously contested parts of the international system.

Despite anxieties about the direction of the vote amid the backdrop of the war in Ukraine, the U.S. contender to lead the agency defeated their Russian rival by a surprising landslide vote.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

U.K. Royal Family Website Faces Cyber Siege: A Close Look at the DDoS Attack

Next Post

Cisco warns of attempted exploitation of zero-day in VPN software

Related Posts