State-sponsored Chinese threat actors compromise telecom and network service providers

2022-06-13 13:34

Since 2020, Chinese state-sponsored threat actors have operated large attack campaigns exploiting publicly identified security vulnerabilities.

In these campaigns, the attackers receive valid account access by exploiting Virtual Private Network vulnerabilities or other Internet-facing services without using their own distinctive or identifying malware, making it harder for threat intelligence analysts to evaluate the threat.

Unpatched network tools such as Small Office/Home Office routers and Network Attached Storage devices are being used by these attackers to successfully conduct intrusions on other entities.

The agencies have released a table containing the top network devices CVEs most frequently exploited by Chinese state-sponsored threat actors since 2020.

Leveraging native tools from the network environment is a technique they use often to obscure their activity and disappear in the noise of a network.

Telecommunications and network services providers targeted.

News URL

https://www.techrepublic.com/article/chinese-compromise-telecommunications/

#chinese #compromise #statesponsored #telecom #threat