Chinese Hackers Have A Global Impact

Uploaded on 2024-06-18 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, FREE TO VIEW, TECHNOLOGY--Hackers

Chinese state-sponsored hackers have gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, suggesting that the operation had a broader impact than previously known. 

The campaign targeted dozens of Western governments, international organisations, and a large number of companies in the defence industry.

"The state actor behind this campaign was already aware of this vulnerability in FortiGate systems at least two months before Fortinet disclosed the vulnerability," the Dutch National Cyber Security Centre (NCSC) published a new bulletin.  During this so-called zero-day period, the actor alone infected 14,000 devices." The names of the victims organisations have not been disclosed.

These findings are build on a previous statement from February 2024, which found that the attackers had breached a computer network used by the Dutch armed forces. The intrusion paved the way for the deployment of a backdoor codenamed COATHANGER from an actor-controlled server that's designed to grant persistent remote access to the compromised appliances, and act as a launching point for more malware.

The Dutch NCSC said the adversary opted to install the malware long after obtaining initial access in an effort to retain their control over the devices, although it's not clear how many victims had their devices infected with the implant.

These developments highlight the trend of cyber attacks hitting edge appliances to breach networks of interest. "Due to the security challenges of edge devices, these devices are a popular target for malicious actors... Edge devices are located at the edge of the IT network and regularly have a direct connection to the internet. In addition, these devices are often not supported by Endpoint Detection and Response (EDR) solutions." the NCSC said.

China has a number of affiliated hacking groups that it controls, including Volt Typhoon which was recently detected in the networks of critical US infrastructure firms for years. Also, APT31, which has been  blamed for UK voter data theft

NCSC.NL   |      NCSC.NL   |Hacker News   |      WithSecure  |    The Hindu   |   Techradar   |   HelpNetSecrurity     

Image: fotomay

You Might Also Read: 

Dutch Intelligence Agency Pinpoints Cyberattacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 




 

« Taming Aggressive Algorithms
Top Ten IoT Security Challenges & Solutions »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: Navigating cloud security: The importance of posture management tools

ON-DEMAND WEBINAR: Navigating cloud security: The importance of posture management tools

Watch this webinar to see how cloud security posture management (CSPM) tools can fit into your cloud security strategy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Secure Forum

Cyber Secure Forum

The Cyber Secure Forum is a premier cybersecurity event dedicated to bringing together experts, and professionals to explore the latest trends, share knowledge, and discuss strategies.

KnowBe4

KnowBe4

KnowBe4 is an integrated platform for security awareness training combined with simulated phishing attacks.

Payload Security

Payload Security

Payload Security's VxStream Sandbox is a fully automated malware analysis system.

Cysec - TU Darmstadt

Cysec - TU Darmstadt

CYSEC is the Cybersecurity faculty of the Technical University of Darmstadt and performs internationally renowned research in numerous areas of cybersecurity.

CommuniTake

CommuniTake

CommuniTake builds security, enablement, and management solutions to provide people and organizations with better, and more secure mobile device use.

Wotan Monitoring

Wotan Monitoring

Wotan Monitoring is the software solution for fully automatic process monitoring, infrastructure monitoring and end-to-end monitoring.

Gradiant

Gradiant

Gradiant’s mission is to contribute to the growth and competitive improvement of Galician businesses through technology development and innovation using ICT.

Awake Security

Awake Security

Awake Security offer a security solution built on an AI platform that acts like the human brain to sense, detect, and respond to threats you may not even know exist.

CNA Insurance

CNA Insurance

CNA offers a market-leading suite of cyber liability insurance products and risk control resources for businesses of all sizes.

Center for Cyber & Homeland Security (CCHS)

Center for Cyber & Homeland Security (CCHS)

The Center for Cyber and Homeland Security at Auburn University is a nonpartisan think tank that works to develop innovative strategies to address current and future threats to the United States.

GitGuardian

GitGuardian

Enable developers, ops, security and compliance professionals to enforce security policies across public and private code, and other data sources as well

BluBracket

BluBracket

BluBracket is the first comprehensive security solution that makes code safe—so developers can innovate and collaborate, and security teams can sleep at night.

GAVS Technologies

GAVS Technologies

GAVS is a global IT services provider with focus on AI-led Managed Services and Digital Transformation.

Sayers

Sayers

Sayers is best known for its ability to solve business challenges with IT solutions. Our areas of expertise include cloud, storage, virtualization, security, mobility and networking.

Vector Choice Technologies

Vector Choice Technologies

Vector Choice Technology Solutions has a long standing reputation in cyber security consulting since 2008.

Zafran

Zafran

Zafran is a Risk & Mitigation Platform that defuses threat exploitation by mobilizing existing security tools.