Warning: Chinese Cyber Attacks

State-sponsored threat actors that are backed by the People’s Republic of China are targeting telecoms and network service providers says the US government. The US National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) have issued an advisory Alert on cyber attacks from China.

Malicious cyber activities attributed to the Chinese government targeted, and continue to target, a variety of industries and organisations in the United States.

These cyber attacks include “healthcare, financial services, defence industrial base, energy, government facilities, chemical, critical manufacturing (including automotive and aerospace),communications, IT (including managed service providers), international trade, education, video gaming, faith-based organisations, and law firms”, says the US Cybersecurity Agency.

They say that these state sponsored cyber actors continue to exploit “vulnerabilities in order to establish a broad network of compromised infrastructure”. They also say that state-sponsored actors have been working since 2020 to conduct widespread cyber campaigns that exploit Common Vulnerabilities and Exposures (CVEs). By exploiting the CVEs, threat actors were able to exploit code against virtual private networks or public facing applications, authorities said.

This allows threat actors to avoid using their own distinctive or identifying malware, as long as they acted before targeted organisations updated their own systems.

The advisory describes the ways in which state-sponsored cyber actors continue to exploit publicly known vulnerabilities to establish a broad network of compromised infrastructure. “These actors use the network to exploit a wide variety of targets worldwide, including public and private sector organisations”, says the report. “Upon gaining an initial foothold into a telecommunications organisation or network service provider, Chinese state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorisation, and accounting”.

The advisory details the targeting and compromise of major telecommunications companies and network service providers and the top vulnerabilities, primarily CVEs, associated with network devices routinely exploited by the cyber actors since 2020.

Furthermore, a recent post from Google says that government backed cyber attackers from Iran, N.Korea, Russia and China are all spreading malware by taking advantage of the public’s interest in the Ukrainian war.

CISA:       CISA:      CUNA:    Newswek:    Cybersecurity Dive:    Google:

You Might Also Read: 

US Banks Hit By Russian Cyber Attacks:

 

« Ransomware & Cybercrime
Channel Islands Used To Launch Global Cyber-Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Information Security Forum (ISF)

Information Security Forum (ISF)

The ISF is a leading authority on information security and risk management.

MetaFlows

MetaFlows

MetaFlows’ SaaS malware detection & prevention software passively analyzes the behavior and the content of Internet traffic.

Cybersixgill

Cybersixgill

Cybersixgill was founded with a single mission: to protect organizations against malicious cyber attacks that come from the deep and dark web, before they materialize.

CyberForce Program - US Department of Energy

CyberForce Program - US Department of Energy

The Department of Energy’s (DOE) CyberForce Program is a workforce development program that seeks to inspire and develop the next generation of cyber defenders for the energy sector.

LuJam Cyber

LuJam Cyber

LuJam Cyber is a cybersecurity company that provides protection to SME Networks.

Cytelligence

Cytelligence

Cytelligence is a cyber security consulting company with deep expertise in Cyber Breach Response, Cyber Breach Investigations, and Digital Forensics.

Careerjet

Careerjet

Careerjet is a leading online job search engine with a large presence worldwide, sourcing millions of job ads from thousands of websites from all over the world in areas including Cybersecurity.

Octane OC

Octane OC

OCTANe is building the SoCal of tomorrow. We drive innovation and growth by connecting people, resources and capital. Our Incubator focus is FinTech, Data Analytics and Cybersecurity.

NOW Insurance

NOW Insurance

NOW Insurance provides small business owners and other professional classes with a seamless purchasing experience for general liability, professional liability, and cybersecurity insurance coverage.

Infopercept Consulting

Infopercept Consulting

Infopercept is a leading cybersecurity company in India, providing a critical layer of security to protect business information, infrastructure & assets across the organization.

Ultra Electronics

Ultra Electronics

Ultra specialises in providing application-engineered bespoke solutions. We focus on mission critical and intelligent systems in the defence, security, critical detection & control markets.

Fluid Attacks

Fluid Attacks

Fluid Attacks specialize in red team operations as well as technology development that continuously enhance our security testing services.

Hackuity

Hackuity

Hackuity is a breakthrough technology solution that rethinks the way of managing IT vulnerabilities in enterprises.

QA Consultants

QA Consultants

QA Consultants is North America’s largest software quality engineering services firm, an award-winning onshore provider of software testing and quality assurance solutions.

Sterling Information Technologies

Sterling Information Technologies

Sterling is an information security, operational risk consulting and advisory group. Our Advisory services help to safeguard information assets while supporting business operations.

ZEST Security

ZEST Security

The ZEST platform natively integrates into your technology stack to make efficient risk remediation possible.