Tech World

Chinese hackers have breached ‘major telecommunications companies’ in the US

Chinese government-backed hackers have breached “major telecommunications companies,” among a range of targets worldwide, by exploiting known software flaws in routers and other popular network networking gear, US security agencies warned Tuesday.

“[T]hese devices are often overlooked by cyber defenders, who struggle to maintain and keep pace with routine software patching of Internet-facing services and endpoint devices,” says the advisory from the FBI, the National Security Agency and US Cybersecurity and Infrastructure Security Agency.

The advisory was aimed at defensive measures to help organizations running the devices made by Cisco, Fortinet and other vendors, shore up their networks.

“To kick [the Chinese hackers] out, we must understand the tradecraft and detect them beyond just initial access,” tweeted Rob Joyce, an official who has spent decades at the NSA.

It’s the latest in a series of public warnings from US cybersecurity officials to try to blunt the impact of foreign operatives’ efforts to infiltrate key computer networks and harvest data for spying or other purposes. As is often the case, the attackers are using vulnerabilities in software that are already known, meaning a fix is available, rather than a fancy hacking exploit that hasn’t been discovered.

China “conducts more cyber intrusions than all other nations in the world combined,” FBI Deputy Director Paul Abbate alleged in an April speech.