China-linked APT UNC3886 targets Singapore telcos
China-linked cyber espionage group UNC3886 recently attacked Singapore's four major telecom companies, using zero-day exploits for espionage. Although no major damage was caused, the campaign highlights the security threats facing critical infrastructure.

2026-2-10 08:40:15 Author: securityaffairs.com


Pierluigi Paganini February 10, 2026

China-linked group UNC3886 targeted Singapore’s telecom sector in a cyber espionage campaign, Singapore’s Cyber Security Agency revealed.

The Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA) ran Operation CYBER GUARDIAN to protect the telecom sector. Since July 2025, investigations showed that China-linked UNC3886 launched a targeted campaign against all four major telcos: M1, SIMBA Telecom, Singtel, and StarHub, aiming at critical infrastructure with deliberate and well-planned attacks.

UNC3886 is a sophisticated China-linked cyber espionage group that targets network devices and virtualization technologies using zero-day exploits. Its primary focus is on defense, technology, and telecommunications sectors in the US and Asia.

In 2023, the APT group targeted multiple government organizations using the Fortinet zero-day CVE-2022-41328 to deploy custom backdoors. UNC3886 prioritizes stealth by using passive backdoors and tampering with logs and forensic artifacts to ensure long-term persistence while evading detection.

“On 18 July 2025, Coordinating Minister for National Security Mr K Shanmugam shared that Advanced Persistent Threat (APT) actor UNC3886 had been detected attacking our critical infrastructure.” reads the report published by CSA. “Over the past months, our investigations have indicated that UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore’s telecommunications sector. All four of Singapore’s major telecommunications operators (“telcos”) – M1, SIMBA Telecom, Singtel and StarHub – have been the target of attacks.”

UNC3886, a highly skilled APT group, targeted Singapore’s telcos using advanced methods over time. They exploited a zero-day to bypass a firewall and access networks, exfiltrating mainly network-related data. They also deployed rootkits to maintain persistent access, hide their activities, and evade detection, forcing cyber teams to perform thorough checks across all affected networks.

Singapore’s telcos spotted a breach by UNC3886 and promptly notified the IMDA and CSA. This started Operation CYBER GUARDIAN, Singapore’s biggest coordinated cyber response, lasting over 11 months.

“Under Operation CYBER GUARDIAN, the authorities worked closely with the telcos to limit UNC3886’s movement into the networks and ensure our systems remain safe to use. So far, the attack by UNC3886 has not resulted in the same extent of damage as cyberattacks elsewhere.” continues the report. “The threat actor was able to gain unauthorised access into some parts of telco networks and systems. In one instance, they were able to gain limited access to critical systems but did not get far enough to have been able to disrupt services.”

More than 100 cyber experts from different agencies worked with the telcos to stop the attackers, limit their access, and secure systems. The attackers gained only partial access, without stealing data or disrupting services. Authorities fixed weaknesses, blocked access points, and increased monitoring. This teamwork between the government and telcos shows Singapore’s strong national cyber defence.

The fight isn’t over. Even though efforts so far have contained the attacks, future attempts to breach telco systems remain possible. Telcos are key targets, handling vast data and supporting the digital economy, making successful attacks a threat to national security and the economy.

The government takes this seriously. CSA and IMDA are working with telcos to strengthen defences, improve detection, and monitor for UNC3886. Telcos are conducting joint threat hunting, penetration testing, and capability upgrades. CSA will also roll out initiatives to boost skills across the cyber ecosystem for faster, stronger responses.

Minister Josephine Teo thanked cyber defenders for their work in Operation CYBER GUARDIAN and urged continued vigilance.

“Your actions, or inaction, can determine whether we succeed or fail in protecting our critical infrastructure, and our national security.” said Minister Josephine Teo. “I urge all of you to continue investing in upgrading your systems as well as your capabilities.”





Article source: https://securityaffairs.com/187792/apt/china-linked-apt-unc3886-targets-singapore-telcos.html