U.S. security agencies have warned that hackers backed by the Chinese regime have been targeting “major telecommunications companies and network service providers” since 2020.
In a June 7 cybersecurity advisory, they urged those affected to take immediate remedial action.
The agencies pointed out that the hackers allegedly utilized open-source tools, such as RouterSploit and RouterScan, and known software flaws in networking devices such as routers.
“[T]hese devices are often overlooked by cyber defenders, who struggle to maintain and keep pace with routine software patching of Internet-facing services and endpoint devices,” noted the agencies.
The agencies did not identify the victim companies in the advisory, but they included a list of the common vulnerabilities and exposures (CVEs) most frequently exploited by the Chinese regime’s hackers since 2020, together with vulnerability types and the major vendors—Cisco, Citrix, D-Link, Fortinet, and Netgear.
They urged potential victims to shore up their networks by applying immediate patches, updating infrastructure, and disabling unnecessary ports and protocols.
The CISA said that another Chinese regime-backed hacking activity was conducted by the Chinese Communist Party’s (CCP) Ministry of State Security (MSS) Hainan State Security Department. These hackers were identified as APT40 by the CISA and the Federal Bureau of Investigation (FBI) in a joint advisory last year.
APT40 “targeted governmental organizations, companies, and universities in a wide range of industries—including biomedical, robotics, and maritime research—across the United States, Canada, Europe, the Middle East, and the South China Sea area, as well as industries included in China’s Belt and Road Initiative,” the advisory said.
The following are a couple of cases, among the many, of cyberespionage campaigns conducted by CCP hackers.
Chinese Computing Hacking Contest
China hosts its own computer hacking event, the Tianfu Cup international cybersecurity contest, where the best Chinese hackers demonstrate their skills.
Improving US Cybersecurity
Responding to the June advisory from American security agencies, an article in MIT Technology Review stated that preventive actions are necessary to detect and guard against Chinese cyber espionage campaigns.
“[Chinese hackers] stole usernames and passwords, reconfigured routers, and successfully exfiltrated the targeted network’s traffic and copied it to their own machines. With these tactics, they were able to spy on virtually everything going on inside the organizations,” said the article by Patrick Howell O'Neill.
“At present, U.S. agencies suffer from poor cyber hygiene, meaning the practices and precautions used to keep sensitive data safe and secure from attackers are substandard,” Mac Ghlionn wrote.
“This explains why CCP-backed hackers have stolen the data of at least 206 million Americans. Without adequate cybersecurity measures, protected health information (PHI), personal information, and intellectual property are at risk of being compromised.”
Mac Ghlionn added that, according to a Senate report, seven out of eight federal agencies are failing to protect critical data.
The Epoch Times reached out to the Chinese embassy in Washington.
An embassy spokesperson in a reply email denied the hacking allegations and claimed that the United States is “groundlessly accusing China on cyber security issues.”