US Accuses Chinese Government Hackers Of Breaching Telcos To Pry On Network Traffic

Share post:

The NSA, CISA, and the FBI published a joint cybersecurity advisory stating that Chinese hackers have taken advantage of publicly known vulnerabilities to breach anything from unpatched small office/home office (SOHO) routers all the way to large enterprise networks.

The hackers used the breached devices as part of their own attack infrastructure as command-and-control servers and proxy systems they could utilize to exploit and breach more networks.

The hackers then stole credentials to access SQL databases and used SQL commands to gather user and admin credentials from critical Remote Authentication Dial-In User Service (RADIUS) servers.

“The PRC has been exploiting specific techniques and common vulnerabilities since 2020 to use to their advantage in cyber campaigns,” the NSA said.

By exploiting these vulnerabilities, the Chinese-sponsored hackers have built broad infrastructure networks that made it possible for them to launch more public and private sector breaches.

The NSA, CISA, and the FBI strongly urged US and allied governments, critical infrastructure, and private organizations to have mitigation measures that would aid in minimizing the risk of similar attacks in their networks.

Moreover, the federal agencies strongly encourage organizations to apply security patches soonest, disable unnecessary ports and protocols to lessen their attack surface, and replace end-of-life network infrastructure no longer receiving security patches.

They also recommend segmenting networks to stop lateral movement attempts and allowing robust logging on internet-exposed services to monitor and detect attack attempts efficiently.

For more information, read the original story in Bleepingcomputer.


Related articles

London hospitals cancel over 800 operations after ransomware attack

NHS England disclosed today that a recent ransomware attack on Synnovis has led to the cancellation of hundreds...

Microsoft cancels universal Recall release in favor of Windows Insider preview

Microsoft has decided to cancel the wide release of Recall, the controversial tool for Copilot+ PCs, and instead...

Cyber Security Today, Week in Review for week ending Friday, June 14, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, June 14th,...

A conversation with Senator Colin Deacon: Driving innovation in Canada’s government. Hashtag Trending, the Weekend Edition

Senator Colin Deacon has brought a fresh perspective to the Canadian Senate, leveraging his background as a startup...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways