Friday, June 28, 2019

Security Researchers uncover a massive espionage campaign involving the theft of Call Detail Records, CDRs, from hacked mobile providers

According to Cybereason, a Boston-based security firm, hackers have systematically broken into more than 10 mobile carrier networks around the world and have stolen call detail records (CDRs) revealing the times and dates of calls and their cell-based locations. This seems to have gone on for seven years and seems to be ongoing. CDRs are the most important data for any intelligence agency's collection efforts, as hackers or the people behind them could obtain all the information about a phone without ever breaking into the phone.
So, in addition to the NSA, another entity, foreign or external, may know more about you and me.
Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers.

In 2018, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with Chinese-affiliated threat actors. Find the complete report here.
Typical CDR fields:
  • historyid - This is the call number - each call has a number, internal to 3CX. Useful for call tracking.
  • callid - This is the Call ID - the unique identifier of the call.
  • duration - Call Duration time.
  • time-start - Call Start time.
  • time-answered - Answered time.
  • time-end - Call terminated time.
  • reason-terminated - Why the call was terminated.
  • from-no - Source caller number.
  • to-no - Destination To Number.
  • from-dn - Distinguished name of caller - this is 3CX-specific and can be omitted by 3rd-party developers.
  • to-dn - Distinguished name of To (destination) - this is 3CX-specific and can be omitted by 3rd-party developers.
  • dial-no - Dialled number.
  • reason-changed - The reason why a change occurred in a call - for example, in a transfer you will see "ReplacedDst", which means that the destination was replaced with something else.
  • final-number - Final Number - the final number which was replaced (in a transfer this will be the final connected number).
  • final-dn - The Distinguished name of the final number entity - this is 3CX-specific and can be omitted by 3rd-party developers.
  • bill-code - Billing code dialed after the destination (for example: **Sales).
  • bill-rate - The billing rate that matched the prefix of the rate. This is used to apply a cost calculation variance.
  • bill-cost - The Cost of the call calculated with simple proportion / minute.
  • bill-name - The rate name of the billing variance.
  • chain - All endpoints which were involved in the call.
  • from-type - Source type.
  • to-type - Destination type.
  • final-type - Final destination type.
  • from-dispname - Source Display Name.
  • to-dispname - Destination Display Name.
  • final-dispname - Final destination Display Name.


Tuesday, June 25, 2019

Are we getting too comfortable with Amazon Ring, perhaps soon to be on security drones, delivery drones and cars?

Are we far more comfortable with surveillance when we think we’re the only ones watching? Atlantic's
“I’m concerned about police departments starting to imagine the public-safety infrastructure and hinging it on the whims of a company like Amazon. Are they coming in and just trying to disrupt and get quick market dominance? And then 10 years from now there’s all sorts of unforeseen [consequences] because we didn’t think through these issues when we adopted these technologies?” says Dave Maass, the Electronic Frontier Foundation’s senior investigative researcher.
https://ring.com/press
In most cases, when police want to search your neighborhood, they need a warrant and a reason to believe something’s amiss. Now “reasonable suspicion” is going the way of dial-up. Fifty police departments across the United States are partnering with Amazon to collect footage from people who use Ring, the company’s internet-connected doorbell. Some are offering discounted or free Ring doorbells in exchange for a pledge to register the devices with law enforcement and submit all requested footage. Amazon has also filed patents to expand its Ring line beyond doorbells and into cameras mounted on motor vehicles, inside wearable “smart glasses,” even atop security drones that circle your home and call the police if they detect a disturbance.

Read a much more detailed account in The Atlantic's "Amazon Ring Will Survive the Anti-surveillance Backlash".
Are we getting too comfortable with Amazon Ring, perhaps soon to be on security drones, delivery drones, smart glasses and cars?