Protect yourself from Stealthy Cyber Attacks

State-sponsored hackers from China have developed sophisticated techniques that allow them to infiltrate government and business networks and spy on victims for long periods without being detected by common cybersecurity tools, according to researchers at Google’s Mandiant division. Over the past year, the hackers have targeted devices on the edge of networks and exploited flaws in software built by companies such as VMware and Citrix Systems. The attacks are highly advanced and have gone undetected for years, indicating a new level of sophistication from China. Mandiant has linked the activity to a suspected China-based hacking group because of the victims’ profiles, the level of ingenuity observed, and the resources required, among other reasons. 

The Chinese government has repeatedly denied involvement in hacking foreign businesses or governments and accused the US and its allies of the practice. The scope of China’s intrusion into Western targets is likely far broader than currently known due to the stealthy nature of the attacks, which are difficult for victims to discover and investigate. Concerns about Chinese espionage against Western countries have increased following the discovery of a surveillance balloon in US airspace and a push in Washington to ban the social media app TikTok due to data security fears. 

Defense contractors, government agencies, technology firms, and telecommunications firms are among the targets of the newly discovered Beijing-linked attacks. Although the number of identified victims may be small, the impact is significant because of the importance of the stolen information. The success of Chinese hacking groups in compromising military targets and defense contractors to steal advanced military technology has long been a concern for senior US officials. In an annual worldwide threat assessment, US intelligence officials stated that China “probably currently represents the broadest, most active, and persistent cyber espionage threat to US government and private-sector networks.” 

The hackers linked to China have breached systems designed to protect companies and have exploited previously patched bugs in firewall and mobile access software. Mandiant has warned of the attacks and has discovered two vulnerabilities from Fortinet that were being exploited by the hackers, that have since been patched. The hackers have also developed a system that enables them to retain access to a device even after its software has been updated, indicating the amount of effort they are willing to expend in their attacks. The extent of intrusion activity is much greater than currently known, according to Mandiant. Companies affected by the attacks include Fortinet, SonicWall, VMware, and Citrix Systems. 

Our Endpoint Defence and Response Solution is designed specifically to protect you from unknown threat such as this contact us to find out more.   

Latest News Stories