Sophos reveals how it fought a network of dangerous Chinese hackers for years
Date:
Fri, 01 Nov 2024 11:23:55 +0000
Description:
Chinese threat actors have been targeting networking devices worldwide,
Sophos reveals.
FULL STORY ======================================================================
Sophos has revealed details of a five-year battle with Chinese hackers who targeted networking devices across the globe.
The Pacific Rim reports outline clusters of activity that cybersecurity vendors and law enforcement can attribute, with varying degrees of confidence, to the known threat actors Volt Typhoon, APT31 and APT41/Winnti.
Included in the list of targets were prominent manufacturers such as Fortinet, NetGear, Sophos, Check Point, Cisco, and more. The attacks were aimed at high-value targets primarily in the Indo-Pacific region, and included nuclear energy suppliers, telecoms, military, and government agencies.

Critical infrastructure attacks

"For more than five years, Sophos has been investigating multiple China-based groups targeting Sophos firewalls, with botnets, novel exploits, and bespoke malware," Sophos explains in the report.
The state actors are not exclusively aiming at high-value espionage targets, though: Sophos observed actors using the tightly connected digital ecosystems that form part of the critical infrastructure supply chain to disrupt critical services.
"This community is believed to be collaborating on vulnerability research and sharing their findings with both vendors and entities associated with the Chinese government, including contractors conducting offensive operations on behalf of the state. However, the full scope and nature of these activities has not been conclusively verified," said Ross McKerchar, Sophos X-Ops.
Researchers believe that the attacks started in 2018 when they hit the Cyberoam headquarters, which is an India-based Sophos subsidiary.
Critical infrastructure is increasingly at the receiving end of state-sponsored cyberattacks, with some estimates putting this figure at 420 million in 2023, which is 13 attacks per second.
One of the groups, Volt Typhoon, has already been found lurking on US critical infrastructure networks for years, so this news won't come as much of a surprise. The state-sponsored group was positioned to steal sensitive information, monitor activity, and disrupt the infrastructure.
======================================================================
Link to news story:
https://www.techradar.com/pro/sophos-reveals-how-it-fought-a-network-of-dangerous-chinese-hackers-for-years
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)