Written by AJ Vicens
Jun 8, 2022 | CYBERSCOOP
Chinese hackers have targeted and compromised “major telecommunications companies and network service providers” by exploiting publicly known vulnerabilities in a range of routers and network-attached data storage devices, the National Security Agency, FBI and the Department of Homeland Security’s Cybersecurity Infrastructure Security Agency said in a joint advisory Tuesday.
“Over the last few years, a series of high-severity vulnerabilities for network devices provided cyber actors with the ability to regularly exploit and gain access to vulnerable infrastructure devices,” the agencies wrote in the advisory. “In addition, these devices are often overlooked by cyber defenders, who struggle to maintain and keep pace with routine software patching of Internet-facing services and endpoint devices.”
The hackers “often mix their customized toolset with publicly available tools, especially by leveraging tools that are native to the network environment, to obscure their activity by blending into the noise or normal activity of a network.”
NSA, FBI and CISA joint advisory on Chinese state-sponsored hacking activity
The advisory explained the various ways Chinese state-sponsored hackers have routinely exploited publicly identified security vulnerabilities using publicly available exploit code “without using their own distinctive or identifying malware.”