According to Mandiant’s researchers, this is an on-going pattern as Chinese threat actors have realized there simply isn’t a good way to detect malicious activity on a router, or an internet-connected device that sits within a corporate network since there aren’t many tools available to defend those systems. As a result, sophisticated Chinese espionage actors are able to sit and spy on companies for much longer periods of time without being detected.
Mr. Charles Carmakal, CTO, Mandiant Consulting had to say about this latest intrusion:
“Chinese espionage operators’ recent victims include DIB, government, telecoms, and technology. Given how incredibly difficult they are to find, most organizations cannot identify them on their own. It’s not uncommon for Chinese campaigns to end up as multi-year intrusions. We hope this information and the accompanying hardening steps help more organizations to uncover these long standing breaches sooner.”
While Mandiant suspects that this group is working in support of the PRC’s goals, please note that no official attribution has been made.
More Related : Mandiant Consulting
If you have an interesting Article / Report/case study to share, please get in touch with us at editors@roymediative.com/ roy@roymediative.com, 9811346846/9625243429.
