MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
devices
Search

Inside a Firewall Vendor's 5-Year War With the Chinese Hackers Hijacking Its Devices

Friday November 1, 2024. 04:20 PM , from Slashdot
Inside a Firewall Vendor's 5-Year War With the Chinese Hackers Hijacking Its Devices
British cybersecurity firm Sophos revealed this week that it waged a five-year battle against Chinese hackers who repeatedly targeted its firewall products to breach organizations worldwide, including nuclear facilities, military sites and critical infrastructure. The company told Wired that it traced the attacks to researchers in Chengdu, China, linked to Sichuan Silence Information Technology and the University of Electronic Science and Technology.

Sophos planted surveillance code on its own devices used by the hackers, allowing it to monitor their development of sophisticated intrusion tools, including previously unseen 'bootkit' malware designed to hide in the firewalls' boot code. The hackers' campaigns evolved from mass exploitation in 2020 to precise attacks on government agencies and infrastructure across Asia, Europe and the United States. Wired story adds: Sophos' report also warns, however, that in the most recent phase of its long-running conflict with the Chinese hackers, they appear more than ever before to have shifted from finding new vulnerabilities in firewalls to exploiting outdated, years-old installations of its products that are no longer receiving updates. That means, company CEO Joe Levy writes in an accompanying document, that device owners need to get rid of unsupported 'end-of-life' devices, and security vendors need to be clear with customers about the end-of-life dates of those machines to avoid letting them become unpatched points of entry onto their network. Sophos says it's seen more than a thousand end-of-life devices targeted in just the past 18 months.

'The only problem now isn't the zero-day vulnerability,' says Levy, using the term 'zero-day' to mean a newly discovered hackable flaw in software that has no patch. 'The problem is the 365-day vulnerability, or the 1,500-day vulnerability, where you've got devices that are on the internet that have lapsed into a state of neglect.'

Read more of this story at Slashdot.
Read more at Slashdot
https://it.slashdot.org/story/24/11/01/088213/inside-a-firewall-vendors-5-year-war-with-the-chinese-...

Related News

devices Brit telcos to clash in high-speed mmWave spectrum showdown next year TheRegisterNov 13
its Shigeru Miyamoto reflects on Donkey Kong's 40+ year history with a tour through Donkey Kong Country at Super Nintendo World BoingBoingNov 12
hackers Microsoft is Killing off Windows 11's Mail and Calendar Apps By the End of the Year SlashdotNov 12
chinese Georgia mom arrested after 11-year-old son walks to town — less than a mile — by himself BoingBoingNov 12
firewall Microsoft is officially killing Windows Mail and Calendar by year’s end PC WorldNov 12
vulnerability D-Link Won't Fix Critical Flaw Affecting 60,000 Older NAS Devices SlashdotNov 12
sophos Shooter at Ohio nursing home was 70-year-old resident — he needed room repairs so he grabbed his gun BoingBoingNov 11
wired 2024 On Track To Be Hottest Year on Record as Warming Temporarily Hits 1.5C SlashdotNov 11
attacks Free Software Foundation Plans Year of Celebrations For Its 40th Anniversary SlashdotNov 10
company More games, fewer awkward holiday convos with a year of Xbox Game Pass Core PC WorldNov 10
inside Retrocomputing Enthusiast Repairs Mattel's 48-Year-Old Handheld Videogame SlashdotNov 9
levy Unbreakable Voyager space probes close in on a 50 year mission TheRegisterNov 9
infrastructure Hackers Are Sending Fraudulent Police Data Requests To Tech Giants To Steal People's Private Information SlashdotNov 9
including TSMC Halts Advanced Chip Shipments To Chinese AI Companies SlashdotNov 9
need TSMC halts advanced chip shipments to Chinese AI companies TheRegisterNov 8
year The secret of consciousness may be found in the strange electric fields inside our skulls BoingBoingNov 8
devices FBI Says Hackers Are Sending Fraudulent Police Data Requests To Tech Giants To Steal People's Private Information SlashdotNov 8
its US consumer protection agency bans employee mobile calls amid Chinese hack fears ComputerWorldNov 8
hackers AMD’s desktop CPU share soars 10 percentage points in a year PC WorldNov 7
chinese Charge two devices from one port with this $20 Anker split USB-C cable PC WorldNov 7
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Nov, Thu 21 - 10:57 CET