SINGAPORE – Telco technical data such as network diagrams and configurations has been likened by cybersecurity experts to a building’s “blueprint” that could offer hackers access to critical networks with the potential to bring about outages and data leaks.

Mr Aaron Ang, chief technology officer of Singapore-based cybersecurity specialist Cyber Leaders Nexus, said such technical data is like “the blueprints and guard schedules of a building”.

He added: “A thief with it knows exactly where to enter, which paths to avoid cameras and how to reach restricted rooms. Even if they leave without stealing anything, the real damage is done because they know how everything connects, including backdoors into neighbouring buildings.”

British-based cybersecurity company Sophos and US-headquartered cybersecurity company Infoblox said other useful technical data include service and user account names and domain name system architecture as they allow hackers to plan future intrusions.

Their comments come after the Cyber Security Agency of Singapore revealed on Feb 9 that

state-sponsored cyberespionage group UNC3886

The authorities did not provide details of the data stolen, but said that no sensitive customer data was seen or exfiltrated, and that critical systems such as the 5G core were not compromised.

Mr Rafe Pilling, director of threat research at Sophos, said that defending telco systems against future attacks will involve keeping software up to date and the f...