
Dutch Agency Renews Warning of Chinese Fortigate Campaign – Source: www.databreachtoday.com


Source: www.databreachtoday.com – Author: 1


Chinese Cyber Espionage Campaign Is ‘Much Larger Than Previously Known’

Chris Riotta (@chrisriotta) • June 11, 2024

The Dutch National Cyber Security Center said that a Chinese cyberespionage campaign exploiting Fortinet devices is larger than initially known. (Image: Shutterstock)

Chinese hackers breached thousands of vulnerable FortiGate network security appliances in a cyber-espionage campaign “much larger than previously known,” a Dutch cybersecurity agency warned Tuesday.


The Dutch National Cyber Security Center said hackers targeted dozens of Western governments, international organizations and defense contractors after exploiting a critical remote code execution flaw in FortiOS/FortiProxy between 2022 and 2023.

The state-sponsored hackers deployed a previously unknown malware strain capable of persisting on networks despite firmware and security upgrades. The actual number of victims remains unknown. Dutch intelligence services estimate the hacking group could still have access to hundreds of vulnerable devices worldwide and may be capable of stealing sensitive data.

The U.S. Cybersecurity and Infrastructure Security Agency included the critical flaw, tracked as CVE-2022-42475, in its known exploited vulnerabilities catalog. Dutch officials warn the hackers likely maintain access to at least some victims due to the stealthy nature of the “Coathanger” remote access Trojan malware used to exploit FortiGate appliances.

The Dutch military intelligence service first reported the malware was found on a ministry of defense network, though the hackers were blocked from classified systems due to network segmentation protections. In total, at least 20,000 FortiGate systems were breached in the two months that preceded Fortinet disclosing the vulnerability, according to the intelligence service (see: Chinese Hackers Penetrated Unclassified Dutch Network).

The service issued a report with the Dutch General Intelligence and Security Service earlier this year detailing how the Chinese hackers used Coathanger malware to target FortiGate systems.

“Since then, the MIVD has conducted further research and it has emerged that the Chinese cyber espionage campaign appears to be much more extensive than previously known,” the service said in a Tuesday update.

The intelligence service urged organizations to apply an “assumed breach” principle that calls for measures to limit the damage and impact of a successful digital attack that has already taken place.

Original Post url: https://www.databreachtoday.com/dutch-agency-renews-warning-chinese-fortigate-campaign-a-25488
