US federal agencies claim that China is sponsoring cyber attacks and targeting major telecommunication and networking companies in the US via routers and Network Attached Storage devices.
Also read: Hackers Stole ₹7.38 Crore From Payment Gateway Firm Razorpay: Here’s What Happened
This is according to a report from the NSA, (highlighted by The Independent) where they’ve revealed that in the last few years, a series of high-severity vulnerabilities for network devices allowed cyber attackers the ability to frequently exploit and gain access to vulnerable networks and infrastructures
The devices were also often overlooked by cyber defenders who struggled to maintain and keep pace with routine software patching of Internet-facing services and devices.
Hackers made use of a technique that allowed them access to a victim’s accounts using publicly available code without really using their proprietary malware. All they had to do was implement their exploit before the victim’s organisation upgraded their system.
Federal agencies said in a statement, “Armed with valid accounts and credentials from the compromised RADIUS server and the router configurations, the cyber actors returned to the network and used their access and knowledge to successfully authenticate and execute router commands to surreptitiously route, capture, and exfiltrate traffic out of the network to actor-controlled infrastructure.”
Also read: Apple & Meta Gave Sensitive User Data To Hackers Posing As Officials, Report Says
The agencies recommend US government and private industries to apply security patches, disable unused ports as well as replace outdated infrastructure.
Rob Joyce, Director of Cybersecurity at NSA said on Twitter, “PRC sponsored actors are using access to telcos and ISPs to scale their targeting. To kick them out, we must understand the tradecraft and detect them beyond just initial access.”
For more in the world of technology and science, keep reading Indiatimes.com