US Accuses Chinese Government Hackers Of Breaching Telcos To Pry On Network Traffic

The NSA, CISA, and the FBI published a joint cybersecurity advisory stating that Chinese hackers have taken advantage of publicly known vulnerabilities to breach anything from unpatched small office/home office (SOHO) routers all the way to large enterprise networks.

The hackers used the breached devices as part of their own attack infrastructure as command-and-control servers and proxy systems they could utilize to exploit and breach more networks.

The hackers then stole credentials to access SQL databases and used SQL commands to gather user and admin credentials from critical Remote Authentication Dial-In User Service (RADIUS) servers.

“The PRC has been exploiting specific techniques and common vulnerabilities since 2020 to use to their advantage in cyber campaigns,” the NSA said.

By exploiting these vulnerabilities, the Chinese-sponsored hackers have built broad infrastructure networks that made it possible for them to launch more public and private sector breaches.

The NSA, CISA, and the FBI strongly urged US and allied governments, critical infrastructure, and private organizations to have mitigation measures that would aid in minimizing the risk of similar attacks in their networks.

Moreover, the federal agencies strongly encourage organizations to apply security patches soonest, disable unnecessary ports and protocols to lessen their attack surface, and replace end-of-life network infrastructure no longer receiving security patches.

They also recommend segmenting networks to stop lateral movement attempts and allowing robust logging on internet-exposed services to monitor and detect attack attempts efficiently.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web