“[T]These devices are often overlooked by cyber defenders who struggle to keep up with routine software patching of internet-connected services and endpoint devices,” the FBI, National Security Agency and US Cybersecurity and Infrastructure recommendation said Security Agency.
The agencies’ statement did not identify the victims of the hacking; The recommendation focused on countermeasures to help companies operating devices from Cisco, Fortinet and other vendors secure their networks.
The Chinese government routinely denies hacking allegations.
It’s the latest in a series of public warnings from US cybersecurity officials trying to mitigate the impact of foreign agents’ efforts to infiltrate key computer networks and collect data for espionage or other purposes. As is often the case, the attackers are taking advantage of vulnerabilities in software that are already known, meaning a fix is available rather than some fancy hacking exploit that hasn’t been discovered yet.
China “performs more cyberattacks than all other nations in the world combined,” FBI Deputy Director Paul Abbate claimed in a speech in April.
But analysts say US efforts to confront China over its alleged cyber campaigns are more complicated than doing so with Russia because the US and Chinese economies are so intertwined.