#China government #hackers penetrate #US #internet providers to #spy

Beijing’s hacking effort has “dramatically stepped up from where it used to be,” says fmr top US #cybersecurity ofcl.

#Chinese govt-backed hackers have penetrated deep into US ISPs in recent months to spy on their #users.

The unusually aggressive & sophisticated attacks include access to ≥2 major providers w/millions of customers as well as several smaller providers.

#InfoSec #security #geopolitics
https://www.washingtonpost.com/technology/2024/08/27/chinese-government-hackers-penetrate-us-internet-providers-spy/

Nonilex
Though there is no evidence that the new inroads are aimed at anything other than gathering #intelligence, some of the techniques & resources employed are associated w/those used in the past year by a #China-backed group known as #VoltTyphoon…. #US intelligence ofcls said that group sought access to equipment at Pacific #ports & other #infrastructure to enable China to sow #panic & #disrupt America’s ability to move #troops, #weaponry & supplies to #Taiwan if armed conflict breaks out.
#security
in reply to Nonilex

#Lumen researchers said they had identified 3 US ISPs that had been hacked this summer, one of them large, along w/another #US company & 1 in #India.

In a blog made public Tues, Lumen said the #hackers used a previously unknown vulnerability, known as a #ZeroDay flaw, in a program made by #VersaNetworks for managing wide-area networks. #Versa acknowledged the critical vulnerability late last week, warning only its direct customers.

#InfoSec #security #China #geopolitics
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/

Nonilex

“This is privileged, high-level connectivity to interesting customers,” said Mike Horka, a researcher at Lumen Technologies & a fmr #FBI agent. It was notable, he added, that the groups considered the effort important enough to exploit previously undiscovered #software flaws that could have been preserved for later use.

#InfoSec #espionage #ISP #Internet #tech #cybersecurity #security #China #US #geopolitics

Nonilex

#DNS manipulation is something of a specialty among Chinese govt #hacking groups. A mysterious campaign identified earlier this year by #security experts at #Infoblox & attributed to #China involved using the so-called Great #Firewall of China, which normally misdirects people on the mainland trying to reach restricted services or content.

#InfoSec #espionage #ISP #Internet #tech #cybersecurity #US #geopolitics

in reply to Nonilex

On Mon, the Santa Clara, CA-based company published a blog post about the problem, saying that it had issued a patch & that “impacted customers failed to implement system hardening & #firewall guidelines.”

#Lumen wrote that it located #malware inside #ISP routers serving certain groups or individual customers that could intercept passwords from those customers. Lumen said it believed the malicious #software was being used by #VoltTyphoon.

#InfoSec #espionage #security #China #US #geopolitics

in reply to Nonilex

In a separate report earlier this month, #security company #Volexity said it had found another high-end technique in play at a different, unnamed #ISP. In that case, it said a Chinese state #hacking group distinct from #VoltTyphoon was able to get far enough inside the service provider to alter #DNS web addresses that users were trying to reach & divert them elsewhere, allowing the #hackers to insert #backdoors for #espionage.

#InfoSec #Internet #tech #cybersecurity #China #US #geopolitics