NSA, FBI warn hackers are using these flaws to target VPNs and network devices
The US has warned that hackers conducting illicit cyber activity on the behalf of China may be exploiting publicly disclosed flaws in network devices. This may be part of a broader effort to steal and manipulate network traffic, the NSA and FBI warn. According to the agencies, there are at least 16 flaws in network device software that is vulnerable to attack. The flaws are located in software from brands such as Cisco, Fortinet, Netgear, MikroTik, Puse Secure, and Citrix. The flaws were disclosed between 2018 and 2021, and are all rated as critical.
According to the NSA and the FBI, these flaws are the most frequently exploited by hackers who are collaborating with the People’s Republic of China since 2020. The technique allows threat actors to gain access to victim accounts by leveraging publicly available exploit code against VPN services. The warning was released amid concerns about attacks affecting small business routers, enterprise VPNs, and network attached storage devices.