{"id":47032,"date":"2022-06-08T07:56:06","date_gmt":"2022-06-08T07:56:06","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/beijing-backed-baddies-target-unpatched-networking-kit-to-attack-telcos\/"},"modified":"2022-06-08T07:56:06","modified_gmt":"2022-06-08T07:56:06","slug":"beijing-backed-baddies-target-unpatched-networking-kit-to-attack-telcos","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/beijing-backed-baddies-target-unpatched-networking-kit-to-attack-telcos\/","title":{"rendered":"Beijing-backed baddies target unpatched networking kit to attack telcos"},"content":{"rendered":"

State-sponsored Chinese attackers are actively exploiting old vulnerabilities to “establish a broad network of compromised infrastructure” then using it to attack telcos and network services providers.<\/p>\n

So say the United States National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI), which took the unusual step of issuing a joint advisory<\/a> that warns allied governments, critical infrastructure operators, and private industry organizations to hurry up and fix their IT estates.<\/p>\n

The advisory states that network devices are the target of this campaign and lists 16 flaws \u2013 some dating back to 2017 and none more recent than April 2021 \u2013 that the three agencies rate as the most frequently exploited.<\/p>\n

\n

Attackers blend into the noise or normal activity of a network.<\/p>\n<\/blockquote>\n

China has not had to work hard to run this campaign. The advisory suggests Beijing’s minions use open source tools like RouterSploit and RouterScan to find potentially vulnerable boxes.<\/p>\n

Unpatched boxes are easily compromised \u2013 especially when they’re routers installed at homes or small businesses.<\/p>\n