Chinese hackers snooped on US telco traffic for years


Chinese state-sponsored actors have been successfully compromising the networks of major US telecommunications providers for years, using the foothold gained to assault other targets in both public and private sectors. 

This stark warning was jointly issued by the National Security Agency (NSA), Cybersecurity & Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI).

According to the warning, multiple Chinese hacking groups were targeting known vulnerabilities in unpatched devices such as routers. Compromised endpoints would then be made part of a larger malicious infrastructure, leveraged to mount even more dangerous attacks. 


"Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting," the warning said.

The threat actor would then steal login data to access SQL databases, exfiltrating administrator credentials from critical Remote Authentication Dial-In User Service (RADIUS) servers.

"Armed with valid accounts and credentials from the compromised RADIUS server and the router configurations, the cyber actors returned to the network and used their access and knowledge to successfully authenticate and execute router commands to surreptitiously route, capture, and exfiltrate traffic out of the network to actor-controlled infrastructure," the announcement further states.

There is a long list of CVEs the threat actors were using to attack telcos; the original article links to it. Apparently, the Chinese actors have been at it since at least 2020.

The three government agencies have urged all affected parties, meaning companies in both the private and public sectors in the US as well as in allied countries, to stay vigilant: apply patches as soon as they're made available, replace obsolete gear, disable unnecessary ports, and keep a strong stack of antivirus and firewall solutions.

Segmenting networks to prevent threat actors from moving laterally is also recommended.

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/e3zTdxr


