Hackers breached subsea cable operator Pacnet’s corporate IT network

Global telecommunications service provider and fibre optic subsea cable operator Pacnet has suffered a breach: unknown hackers have gained access to its corporate IT network last month.

It’s interesting to note that the compromise happened prior to Telstra, Australia’s largest telecom and media company, finalizing its acquisition of Pacnet on on 16 April 2015.

Telstra was made aware of the breach upon the takeover and, according to Telstra CISO Mike Burgess, they “took immediate action to investigate and respond to the breach,” including sending Telstra security experts to Hong Kong to conduct a detailed assessment of Pacnet’s network security and engaging an expert external incident response team to assist with their monitoring and protective measures.

“Our investigation found that a third party had gained initial access to Pacnet’s corporate network through a SQL vulnerability that enabled malicious software to be uploaded to the network and ultimately led to the theft of admin and user credentials,” he shared.

“We immediately addressed the security vulnerability that allowed access to the network, removed all known malicious software and put in place additional monitoring and incident response capabilities that we routinely apply to all of our networks. We also ran indicator of compromise checks across all of the Pacnet corporate IT network computers, both servers and workstations.”

He also noted that the Pacnet corporate IT network was not and still is not connected to Telstra, so Telstra’s network hasn’t been compromised.

They don’t know who was behind the attack and the reason for it.

“We have no evidence that information was stolen from the network. Now that we understand the nature of the breach and have taken steps to address it we are talking to our Pacnet customers and staff to let them know what occurred and what we have done in response,” he concluded.




Share this