The NSA, CISA and FBI have released a Cybersecurity Advisory called “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices”. This advisory centers around the fact that hackers aligned with China are using a variety of techniques to exploit publicly known vulnerabilities in equipment, allowing them to establish a broad network of compromised infrastructure. The advisory also lists a number of mitigation strategies that organizations need to take to protect themselves.
Jason Middaugh, Chief Information Security Officer at MRK Technologies, had this to say:
The latest Cybersecurity Advisory from the NSA, CISA, and FBI drives home the importance of good cybersecurity fundamentals such as keeping assets updated/patched, changing default credentials to strong passphrases, and requiring multi-factor authentication wherever possible.
Many companies make the mistake of focusing on implementing the latest and greatest high-tech hardware/software and overlook the basics like system hardening and asset lifecycle management.
It does not matter whether it is the PRC attempting to exploit the device or an international cybercrime syndicate, if you don’t do the basics well it is only a matter of time before an internet facing asset is compromised.
Clearly this advisory is required reading for all enterprises, because at the end of the day all enterprises are at risk. It doesn’t matter if it’s China or a ransomware group: all enterprises need to reduce their attack surface as much as possible to ensure that they are as safe from attack as possible.
UPDATE: Chris Olson, CEO of The Media Trust, had this to say:
“Zero-days and other vulnerabilities in networked devices are an overlooked national security threat, especially in the midst of mounting geopolitical tensions. Unfortunately, the problem is not isolated to IT infrastructure, but also extends to the software supply chain, popular apps and mainstream websites. Today, foreign adversaries are targeting American consumers and businesses through code, with no borders to prevent malicious activity. In addition to following the advice published in the joint cybersecurity advisory, organizations should regularly monitor their digital ecosystem for the presence of untrusted third parties and remove bad actors to protect their users.”
Has A Chinese Police Force Been Pwned By Hackers Leaking The Data Of A Billion People?
Posted in Commentary with tags China, Hacked on July 4, 2022 by itnerd
Reports are surfacing that a hacker claims to have acquired a huge dump of personal information via a hack of the Shanghai police. The dump would relate to one billion Chinese citizens:
The anonymous internet user, identified as “ChinaDan,” posted on hacker forum Breach Forums last week offering to sell the more than 23 terabytes (TB) of data for 10 bitcoin, equivalent to about $200,000.
“In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizen,” the post said.
“Databases contain information on 1 Billion Chinese national residents and several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details.”
Reuters was unable to verify the authenticity of the post.
This would be really embarrassing to the Chinese government if it proves to be true, and it would be the biggest data leak in history. Clearly the Chinese government is sensitive to that:
The hashtag “data leak” was blocked on Weibo by Sunday afternoon.
While this could mean that there’s something to this, it could also mean that the Chinese government is simply reacting as a matter of course. We’ll have to wait and see if this data leak is real. If it is, expect fireworks, as this would be a massive story.