Hackers are using these flaws to target VPNs and network devices warn the FBI and NSA

Patch these network device flaws that have been used by state-sponsored attackers.

The US is warning that hackers working for China have been exploiting publicly known flaws in network devices as part of broader attacks to steal and manipulate network traffic.

The National Security Agency (NSA), Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have listed 16 flaws in network device software from 10 brands including Cisco, Fortinet, Netgear, MikroTik, Pulse Secure, and Citrix that were publicly disclosed between 2018 and 2021. Most of the flaws are rated as critical.

These flaws are the ones most frequently exploited by hackers backed by the People’s Republic of China (PRC) since 2020, according to the agencies.

"Since 2020, PRC state-sponsored cyber actors have conducted widespread campaigns to rapidly exploit publicly identified security vulnerabilities. This technique has allowed the actors to gain access into victim accounts using publicly available exploit code against virtual private network (VPN) services or public facing applications – without using their own distinctive or identifying malware – so long as the actors acted before victim organizations updated their systems."

The Agencies

The warning concerns attacks exploiting bugs affecting small business routers, network attached storage (NAS) devices, and enterprise VPNs. But the agencies also detail scanning activity and compromises of specialized authentication servers used by major telecommunications companies and network service providers.

Network devices like small business routers and NAS devices serve as additional access points to route the actors’ command and control (C2) traffic.

More News … 

Share the news: