Security News > 2022 > June > State-sponsored Chinese threat actors compromise telecom and network service providers
Since 2020, Chinese state-sponsored threat actors have operated large attack campaigns exploiting publicly identified security vulnerabilities.
In these campaigns, the attackers receive valid account access by exploiting Virtual Private Network vulnerabilities or other Internet-facing services without using their own distinctive or identifying malware, making it harder for threat intelligence analysts to evaluate the threat.
Unpatched network tools such as Small Office/Home Office routers and Network Attached Storage devices are being used by these attackers to successfully conduct intrusions on other entities.
The agencies have released a table containing the top network devices CVEs most frequently exploited by Chinese state-sponsored threat actors since 2020.
Leveraging native tools from the network environment is a technique they use often to obscure their activity and disappear in the noise of a network.
Telecommunications and network services providers targeted.
News URL
https://www.techrepublic.com/article/chinese-compromise-telecommunications/
Related news
- US says Chinese hackers breached multiple telecom providers (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- Australian IT Pros Urged to Guard Against Chinese Cybersecurity Threats (source)