Warning: Chinese Cyber Attacks

State-sponsored threat actors that are backed by the People’s Republic of China are targeting telecoms and network service providers says the US government. The US National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) have issued an advisory Alert on cyber attacks from China.

Malicious cyber activities attributed to the Chinese government targeted, and continue to target, a variety of industries and organisations in the United States.

These cyber attacks include “healthcare, financial services, defence industrial base, energy, government facilities, chemical, critical manufacturing (including automotive and aerospace),communications, IT (including managed service providers), international trade, education, video gaming, faith-based organisations, and law firms”, says the US Cybersecurity Agency.

They say that these state sponsored cyber actors continue to exploit “vulnerabilities in order to establish a broad network of compromised infrastructure”. They also say that state-sponsored actors have been working since 2020 to conduct widespread cyber campaigns that exploit Common Vulnerabilities and Exposures (CVEs). By exploiting the CVEs, threat actors were able to exploit code against virtual private networks or public facing applications, authorities said.

This allows threat actors to avoid using their own distinctive or identifying malware, as long as they acted before targeted organisations updated their own systems.

The advisory describes the ways in which state-sponsored cyber actors continue to exploit publicly known vulnerabilities to establish a broad network of compromised infrastructure. “These actors use the network to exploit a wide variety of targets worldwide, including public and private sector organisations”, says the report. “Upon gaining an initial foothold into a telecommunications organisation or network service provider, Chinese state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorisation, and accounting”.

The advisory details the targeting and compromise of major telecommunications companies and network service providers and the top vulnerabilities, primarily CVEs, associated with network devices routinely exploited by the cyber actors since 2020.

Furthermore, a recent post from Google says that government backed cyber attackers from Iran, N.Korea, Russia and China are all spreading malware by taking advantage of the public’s interest in the Ukrainian war.

CISA:       CISA:      CUNA:    Newswek:    Cybersecurity Dive:    Google:

You Might Also Read: 

US Banks Hit By Russian Cyber Attacks:

 

« Ransomware & Cybercrime
Channel Islands Used To Launch Global Cyber-Attacks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

SecurityMetrics

SecurityMetrics

SecurityMetrics is leader in data security, PCI, and HIPAA compliance solutions

Sucuri

Sucuri

Sucuri have offered holistic website security solutions since 2008 including malware removal, malware monitoring and website protection services.

SRI International

SRI International

SRI International is a research institute performing client-sponsored R&D in a broad range of study areas including computing and cybersecurity.

Golden Frog

Golden Frog

Golden Frog is a Virtual Private Network services provider offering secure encrypted access to the internet.

Havelsan

Havelsan

HAVELSAN is a leading technology company in Turkey developing indigenous systems for domestic and foreign military, public and private sector clients.

IT Career Switch

IT Career Switch

An IT Career Switch Traineeship is the easiest way to start a new career in IT or Cybersecurity with fantastic career prospects.

Digital Magics

Digital Magics

Digital Magics is an incubator for innovative startups which offer content and services with high technological value. Areas of focus include IoT, Enterprise Software, AI, Industry 4.0 and Blockchain.

Swarmnetics

Swarmnetics

Swarmnetics helps customers discover hard-to-find software vulnerabilities by hacking your system before the bad guys do.

Netography

Netography

Netography provides a scalable and reliable platform for detection & remediation of cyber threats found on your network.

Let's Encrypt

Let's Encrypt

Let’s Encrypt is a free, automated, and open digital certificate authority, run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

CyberScotland

CyberScotland

The CyberScotland Partnership is a collaboration of key strategic stakeholders, brought together to focus efforts on improving cyber resilience across Scotland in a coordinated and coherent way.

Prelude

Prelude

Prelude offer the first autonomous platform built to attack, defend and train critical assets through continuous red-teaming.

RIoT Secure

RIoT Secure

RIoT Secure AB is a technology enabler within the IoT industry - created with a vision to ensure security technology exists in the foundations of software development for IoT solutions.

Seven AI

Seven AI

Seven AI develops cyber security software designed to identify online threats.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.

CyberNINES

CyberNINES

CyberNINES is a business specializing in helping US Department of Defense contractors become compliant and attest to federal cybersecurity regulation requirements.