The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have issued a joint advisory about Chinese state sponsored threats.
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices | CISA
Chinese threat actors have been detected actively exploiting unpatched network devices, particularly those used in small or home office infrastructure, such as routers and NAS devices. These are often overlooked for patching and upgrades by the people looking after these small networks because they concentrate more on the internet facing devices and endpoints.
These threat actors have also been monitored reacting to and attempting to exploit vulnerabilities as they appear in the common vulnerabilities and exposures (CVEs) – rapidly evolving attacks to take advantage of those slow to react to developing vulnerabilities.
The joint advisory has a useful list of mitigations – top of which is keep up to date with patches and updates.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
Chinese attackers use unpatched network kit to loot telcos • The Register
