The Cybersecurity and Infrastructure Security Agency (CISA) recently published warning of most probable attacks that can be carried out by hacking groups from China’s Ministry of State Security (MSS). The hacking group can be affiliated with China’s Ministry of State Security (MSS). The CISA has also said that Chinese hackers have scanned networks related to the US government for over the past year. They have done this in the presence of popular networking devices. A wave of attacks can be thrown into the US because of these scannings. The hackers are able to exploit the vulnerabilities. They can easily get hold of the sensitive networks present in US government networking.
The devices which are targeted by these hackers will include F5 Big-IP load balancers, Citrix and Pulse Secure VPN appliances, and Microsoft Exchange email servers. The vulnerabilities in all of these devices have been disclosed for over the past 12 months. The vulnerabilities include CVE-2020-5902, CVE-2019-19781, CVE-2019-11510, and CVE-2020-0688, respectively for all of the devices mentioned above. Some attackers have also been successful in getting some control on the federal networks. The report about the same was published by CISA. Last year also the Chinese hackers have targeted VPN servers. The hack was successful after the vulnerabilities of the service became public.
Along with Chinese hackers, Iranian hackers are also targeting particular networking appliances to get hold of sensitive information. A report by private cybersecurity sector and a cybersecurity alert were published by the FBI regarding the same last month. The Iranian hacker group has compromised the types of devices mentioned above and have provided access to their fellow hackers so that they can compromise the networks. The Chinese hackers also deploy open-source tools so that they can exfiltrate the data in the network. CISA is recommending people to take different security techniques and procedures into consideration to stop and prevent these attacks