Cybersecurity: NSA steps out of the shadows to spotlight where China hackers prowl
- The notice from the NSA may serve as motivation to entities that could be targeted by Chinese hackers to apply the fixes
- The NSA also highlighted the risk these flaws pose to US government networks, including national security systems
The US National Security Agency detailed 25 cyber vulnerabilities frequently used by Chinese state-sponsored hackers in an effort to alert computer security officials to update their systems.
Most of the vulnerabilities “can be exploited to gain initial access to victim networks using products that are directly accessible from the internet and act as gateways to internal networks,” according to the NSA’s statement.
The vulnerabilities listed by the agency are already publicly known, in software like Microsoft Corp.’s Windows or Citrix Systems Inc.’s remote work products. Even though the vulnerabilities have already been disclosed, computer security professionals may struggle to adequately apply a fix that mitigates the flaw. In some instances, the vulnerabilities are years old while others were discovered as recently as September.
The notice from the NSA may serve as motivation to entities that could be targeted by Chinese hackers to apply the fixes. The advisory is part of a recent effort by the historically secretive agency to increase network security across the country and bolster public trust in the agency.
“We hope that by highlighting the vulnerabilities that China is actively using to compromise systems, cybersecurity professionals will gain actionable information to prioritise efforts and secure their systems,” NSA cybersecurity director Anne Neuberger said in a press release.
The NSA also highlighted the risk these flaws pose to US government networks, including national security systems, defence contractors and Defense Department networks.
The advisory is the latest instance of the US calling out China’s state hackers and sharing information about their malware. In August, the US publicly connected another type of malware – known as “Taidoor” – to the Chinese government. In May, the US warned that China was targeting health care, pharmaceutical and research organisations in order to steal information on developing vaccines and treatments for Covid-19.