Singapore Takes Down Chinese Hackers Targeting Telco Networks

Staff Editor 2026-02-10
Singapore Takes Down Chinese Hackers Targeting Telco Networks

Singapore Takes Down Chinese Hackers Targeting Telco Networks

https://www.infosecurity-magazine.com/news/singapore-takes-down-china-hackers/

Publish Date: 2026-02-10 07:30:00

Source Domain: www.infosecurity-magazine.com

The Singapore government disrupted cyber-attacks attributed to Chinese-nexus cyber threat group UNC3886 which targeted the country’s four telecommunications operators.

The law enforcement operation, dubbed Operation Cyber Guardian, spanned from the summer of 2025 to early 2026 but remained secret until now.

The Cyber Security Agency of Singapore (CSA) revealed what happened in a report published on February 9, 2026.

Singapore’s Largest Anti-Cyber Threat Initiative

On July 18, 2025, K Shanmugam, Singapore’s Coordinating Minister for National Security, warned that UNC3886, an advanced persistent threat (APT) group associated to the Chinese regime, had been conducting cyber-attacks against the country’s critical infrastructure.

Details of the attacks remained secret at the time to preserve Singapore’s national security.

In its latest report, CSA shared that the four telcos detected intrusions and notified CSA and the Infocomm Media Development Authority (IMDA) of the breach. The two government agencies then quickly brought together a taskforce of over 100 cyber defenders across six agencies to help the telcos mitigate the threat.

Aside from the CSA and IMDA, entities involved in Operation Cyber Guardian included the Centre for Strategic Infocomm Technologies (CSIT), the Digital and Intelligence Service (DIS), the Government Technology Agency of Singapore (GovTech) and the Internal Security Department (ISD).

CSA explained that Operation Cyber Guardian spanned 11 months and was the largest and longest-running anti-cyber threat effort in the country’s history.

Inside UNC3886’s Cyber-Attack Against Singaporean Telcos

The investigations have indicated that UNC3886 had launched a deliberate, targeted and well-planned campaign against Singapore’s telecommunications companies which included M1, SIMBA Telecom, Singtel and StarHub.

In one instance, the hacking group used a zero-day exploit to bypass a perimeter firewall installed at the target…

Source

More Stories

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Staff Editor 2026-06-06
Franklin Student is a Cyber Security Champ at Bridgewater State

Franklin Student is a Cyber Security Champ at Bridgewater State

Staff Editor 2026-06-06
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

Staff Editor 2026-06-06

Terms and Conditions - Privacy Policy