"Ribbon supplies software, IP, and optical networking systems to telecoms service providers, businesses, and critical infrastructure organizations including BT, Verizon, CenturyLink, Deutsche Telekom, and Tata, as well as public-sector bodies such as the US Defense Department and the City of Los Angeles. In a with the US Securities and Exchange Commission (SEC), the company has revealed that "unauthorized persons, reportedly associated with a nation-state actor" had gained access to its network in December 2024."
""The Company promptly initiated its incident response plan and began an investigation, containment and remediation effort using multiple third-party cybersecurity experts, including federal law enforcement," it said. "While the investigation is ongoing, the Company believes that it has been successful in terminating the unauthorized access by the threat actor." Ribbon Communications said there was no evidence that the threat actor had accessed or exfiltrated any "material information", and that it doesn't believe any government customers were impacted."
""We don't know which nation state is behind the attack, or what their MO was, but the fact that they were inside the network for as long as a year before being noticed is deeply concerning," McConechy said. "This could also suggest the attack was executed out of China, as their attackers often rely on living off the land and stealthy techniques to stay"
State-sponsored attackers gained unauthorized access to Ribbon Communications' network in December 2024 and remained present for nearly a year before detection. Ribbon supplies software, IP, and optical networking systems to major telecoms, enterprises, and public-sector bodies, including national defense and municipal customers. The company activated its incident response plan and engaged third-party cybersecurity experts and federal law enforcement for investigation, containment, and remediation. Ribbon reports no evidence of material data exfiltration and does not believe government customers were impacted, but several customer files on two external laptops appeared accessed and those customers were notified. The responsible nation has not been confirmed; an industry expert suggested China as a likely source based on stealthy techniques.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]