China-backed hackers used old software flaws to target global telecom firms: US Cyber Advisory

A cybersecurity advisory from US agencies, including the National Security Agency, the Cybersecurity and Infrastructure Security Agency, and the Federal Bureau of Investigation, has said that in a cyber-espionage campaign lasting at least two years, Chinese government-backed hackers have broken into a number of major telecommunications businesses around the world.

It was found that the hackers achieved their goals by taking advantage of old and well-known critical vulnerabilities in common networking equipment.

US officials said that once the hackers had gained a foothold within their targets, they used the compromised devices to gain full access to the network traffic of several private companies and government agencies.

However, the advisory did not identify those affected by the campaign, nor did it describe the campaign's impact. But US officials point to specific networking devices, such as routers and switches, that Chinese hackers are suspected of regularly targeting by exploiting serious and well-known flaws that basically give attackers free rein over their targets.

The US advisory said: “These tools are often overlooked by cyber defenders, who struggle to maintain regular software patching of Internet-facing services and endpoint devices.”

It should be noted that for intelligence organizations, telecommunications companies are a particularly valuable target. These companies are responsible for most of the Internet infrastructure, as well as many private networks around the world.

Therefore, if hackers succeed in hacking them, they will gain access to a whole new universe of valuable espionage possibilities.

In a recent cyberattack, Chinese hackers allegedly exploited networking equipment from major vendors such as Cisco, Citrix, Zyxel, QNAP, DrayTek, MikroTik, D-Link and Netgear.

All of the flaws were public knowledge, including a serious five-year-old hole in Netgear routers that let attackers bypass authentication checks and execute any code they wanted, giving them full control of the device and unrestricted access to the victim’s network.

The success of the campaign shows how software defects can remain dangerous many years after they are identified and made public.

Zero-day attacks, or hacks that use previously undiscovered flaws, are powerful and garner a lot of attention. However, known defects remain alarming because it can be challenging to update and secure networks and devices with limited resources, staff, and funds.

According to the findings, Chinese espionage often begins with the hackers surveying the networks they are targeting and learning the manufacturers, models, versions and known vulnerabilities of routers and networking equipment, using open-source scanning tools such as RouterSploit and RouterScan.

With such information, the threat actors were able to gain access to networks by exploiting old but unpatched vulnerabilities, and then break into the servers that provide authentication and identification for the targeted businesses.

It was also said that by stealing usernames and passwords and reconfiguring routers, the hackers successfully exfiltrated the targeted network’s traffic and copied it to their own machines. They were able to spy on almost everything going on inside the businesses using these approaches.

In an effort to erase evidence of the attack, the hackers then wiped log files on every machine they touched. Despite the attackers’ best efforts to hide their footprints, US officials detected the cyber-espionage campaign, but did not say how they discovered the attacks.
