“[T]”These devices are often overlooked by cyber defenders, who struggle to maintain and keep up with routine software patching of Internet-facing services and endpoint devices,” the FBI, National Security Agency and US Cybersecurity and Infrastructure Security Agency said in a statement.
The agencies’ statement did not identify the victims of the hacking; The advice was aimed at defensive measures to help organizations running the devices created by Cisco, Fortinet and other vendors strengthen their networks.
The Chinese government routinely rejects hacking allegations.
It is the latest in a series of public warnings from US cybersecurity authorities to try to reveal the impact of foreign operators’ attempts to infiltrate important computer networks and obtain data for espionage or other purposes. As is often the case, attackers use vulnerabilities in software that is already known, which means that a solution is available, instead of a fancy hacking exploit that has not been detected.
China “engages in more cyber-intrusions than any other nation in the world combined,” FBI Deputy Paul Abbate said in a speech in April.
But analysts say the United States’ efforts to confront China over its alleged cyber campaigns are more complicated than doing so with Russia, because of how deeply intertwined the US and Chinese economies are.