Chinese Hackers Have A Global Impact

Chinese state-sponsored hackers have gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, suggesting that the operation had a broader impact than previously known. 

The campaign targeted dozens of Western governments, international organisations, and a large number of companies in the defence industry.

"The state actor behind this campaign was already aware of this vulnerability in FortiGate systems at least two months before Fortinet disclosed the vulnerability," the Dutch National Cyber Security Centre (NCSC) said in a new bulletin. "During this so-called zero-day period, the actor alone infected 14,000 devices." The names of the victim organisations have not been disclosed.

These findings build on a previous statement from February 2024, which found that the attackers had breached a computer network used by the Dutch armed forces. The intrusion paved the way for the deployment of a backdoor codenamed COATHANGER from an actor-controlled server. The backdoor is designed to grant persistent remote access to the compromised appliances and to act as a launching point for more malware.

The Dutch NCSC said the adversary opted to install the malware long after obtaining initial access in an effort to retain their control over the devices, although it's not clear how many victims had their devices infected with the implant.

These developments highlight the trend of cyber attacks hitting edge appliances to breach networks of interest. "Due to the security challenges of edge devices, these devices are a popular target for malicious actors... Edge devices are located at the edge of the IT network and regularly have a direct connection to the internet. In addition, these devices are often not supported by Endpoint Detection and Response (EDR) solutions," the NCSC said.

China has a number of affiliated hacking groups that it controls, including Volt Typhoon, which was recently found to have been in the networks of critical US infrastructure firms for years, and APT31, which has been blamed for UK voter data theft.

NCSC.NL | NCSC.NL | Hacker News | WithSecure | The Hindu | Techradar | HelpNetSecurity
