Chinese government-backed hackers have breached “major telecommunications companies,” among a range of targets worldwide, by exploiting known software flaws in routers and other popular network networking gear, US security agencies warned Tuesday.
“[T]hese devices are often overlooked by cyber defenders, who struggle to maintain and keep pace with routine software patching of Internet-facing services and endpoint devices,” says the advisory from the FBI, the National Security Agency and US Cybersecurity and Infrastructure Security Agency.
The agencies’ statement did not identify the victims of the hacking; the advisory was aimed at defensive measures to help organizations running the devices made by Cisco, Fortinet and other vendors, shore up their networks.
The Chinese government routinely denies hacking allegations.
It’s the latest in a series of public warnings from US cybersecurity officials to try to blunt the impact of foreign operatives’ efforts to infiltrate key computer networks and harvest data for spying or other purposes.
China “conducts more cyber intrusions than all other nations in the world combined,” FBI Deputy Director Paul Abbate alleged in an April speech.