Warning: Chinese Cyber Attacks

State-sponsored threat actors that are backed by the People’s Republic of China are targeting telecoms and network service providers says the US government. The US National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) have issued an advisory Alert on cyber attacks from China.

Malicious cyber activities attributed to the Chinese government targeted, and continue to target, a variety of industries and organisations in the United States.

These cyber attacks include “healthcare, financial services, defence industrial base, energy, government facilities, chemical, critical manufacturing (including automotive and aerospace),communications, IT (including managed service providers), international trade, education, video gaming, faith-based organisations, and law firms”, says the US Cybersecurity Agency.

They say that these state sponsored cyber actors continue to exploit “vulnerabilities in order to establish a broad network of compromised infrastructure”. They also say that state-sponsored actors have been working since 2020 to conduct widespread cyber campaigns that exploit Common Vulnerabilities and Exposures (CVEs). By exploiting the CVEs, threat actors were able to exploit code against virtual private networks or public facing applications, authorities said.

This allows threat actors to avoid using their own distinctive or identifying malware, as long as they acted before targeted organisations updated their own systems.

The advisory describes the ways in which state-sponsored cyber actors continue to exploit publicly known vulnerabilities to establish a broad network of compromised infrastructure. “These actors use the network to exploit a wide variety of targets worldwide, including public and private sector organisations”, says the report. “Upon gaining an initial foothold into a telecommunications organisation or network service provider, Chinese state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorisation, and accounting”.

The advisory details the targeting and compromise of major telecommunications companies and network service providers and the top vulnerabilities, primarily CVEs, associated with network devices routinely exploited by the cyber actors since 2020.

Furthermore, a recent post from Google says that government backed cyber attackers from Iran, N.Korea, Russia and China are all spreading malware by taking advantage of the public’s interest in the Ukrainian war.

CISA:       CISA:      CUNA:    Newswek:    Cybersecurity Dive:    Google:

You Might Also Read: 

US Banks Hit By Russian Cyber Attacks:

 

« Ransomware & Cybercrime
Channel Islands Used To Launch Global Cyber-Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CloudSigma

CloudSigma

CloudSigma, a pure-cloud IaaS provider offers flexible and innovative cloud hosting solutions for companies of all sizes both in Europe and the US.

CERT-PY

CERT-PY

CERT-PY is the national Computer Emergency Response Team for Paraguay.

Total Defense

Total Defense

Total Defense solutions include anti-malware, anti-virus, intrusion prevention & mobile security.

Inter-American Cooperation Portal on Cyber-Crime

Inter-American Cooperation Portal on Cyber-Crime

The Inter-American Cooperation Portal on Cyber-Crime was created to facilitate and streamline cooperation and information exchange among government experts from OAS member states.

ReFirm Labs

ReFirm Labs

ReFirm Labs provides the tools you need for firmware security, vetting, analysis and continuous IoT security monitoring.

Quantum Armor

Quantum Armor

Quantum Armor is a next-gen cyber security monitoring platform that allows you to continuously stay aware of your security posture, and proactively spot trends, vulnerabilities and potential attacks.

Velta Technology

Velta Technology

Velta Technology provide digital safety and cybersecurity solutions for the industrial space.

Outseer

Outseer

Outseer is a leading technology company in the fight against payments fraud. Outseer reliably determines authentic customers from fraudulent behavior.

Kalima Systems

Kalima Systems

Kalima’s mission is to securely collect, transport, store and share Industrial IoT (IIoT) trusted data in real time with devices, services and mobile workers.

Netstar

Netstar

Netstar is an IT Support company based in Central London providing fully managed IT Support, Cyber Security and Technology Consulting services.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions is an Enterprise Cyber Security Platforms company offering Cyber Security & Technical Education and Compliance & Penetration Testing Services.

CyBourn

CyBourn

Cybourn's diverse offerings include engineering, analysis, product development, assessment, and advisory services in the cybersecurity space.

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center is a state-of-the-art facility to deliver advanced cyber training programs and build the next generation of Azerbaijan’s cybersecurity professionals.

ZoobeTek

ZoobeTek

ZoobeTek are a company focused on preventing leaks related to the security of business information3.

Cynclair

Cynclair

Cybersecurity is a complex beast. And we're the beast-tamers. Our team thrives on deciphering the latest threats, building cutting-edge defenses, and making your digital world much safer.