Etisalat
| Primary URL | Location | Industry | www[.]etisalat[.]com |
Country
United Arab Emirates
|
Telecommunications
|
|---|
Profile
Etisalat, also known as Emirates Telecommunications Corporation, is a major telecommunications provider and internet service provider headquartered in the United Arab Emirates. The company operates as a core infrastructure entity within the UAE, delivering essential voice, data, and broadband services to residential, enterprise, and government customers. Its network forms a fundamental part of the nation's digital ecosystem, supporting widespread connectivity and handling vast volumes of sensitive customer communications and billing information. As a national operator, Etisalat's services are integral to both commercial activities and personal communications across the Emirates, positioning it within a highly regulated and strategically critical sector. The company's role necessitates robust security practices to protect customer data and maintain service integrity against persistent cyber threats targeting the telecommunications industry.
In January 2020, Etisalat was explicitly identified as a victim of a sophisticated, globally coordinated cyber-espionage campaign. The attack was conducted by a Hezbollah-affiliated threat actor tracked as Lebanese Cedar, which exploited vulnerabilities in internet-facing Atlassian and Oracle servers to gain initial access. Following compromise, the attackers deployed web shells including ASPXSpy and the Explosive RAT to move laterally within internal networks, specifically targeting sensitive customer databases and call detail records for intelligence gathering. This incident was part of a broader operation affecting telecommunications providers and ISPs across multiple countries, with security researchers attributing the campaign to Lebanese Cedar based on distinctive malware signatures and the reuse of attack infrastructure across 254 compromised servers worldwide. The breach underscored the acute vulnerability of telecom infrastructure to state-aligned threat actors seeking to harvest communications data and demonstrated the advanced tradecraft employed in such operations.