Heimdal
Home > Cybersecurity News

Most Common U.S. Security Issues Exploited by Chinese Hackers Since 2020

U.S. Federal Agencies Address Top Flaws and Take Necessary Measures.

Last updated on October 5, 2023

article featured image

Contents:

U.S. federal agencies NSA, CISA, and the FBI revealed the top security vulnerabilities most targeted by threat actors backed by the People’s Republic of China (PRC) with the intention to compromise government and critical infrastructure networks.

NSA, CISA, and FBI continue to assess PRC state-sponsored cyber activities as being one of the largest and most dynamic threats to U.S. government and civilian networks.

Source

Further Context

The joint Cybersecurity Advisory (CSA) claims Chinese-sponsored hackers are targeting U.S. and its allies, as well as tech companies with the clear intent to gain access to sensitive networks and steal intellectual property. The report is meant to inform about trends and persistent tactics, techniques, and procedures.

According to BleepingComputer, the advisory also contains recommended mitigations for each of the security flaws most exploited by threat actors, as well as detection methods and vulnerable technologies to help defenders spot and block incoming attack attempts.

Top CVEs most used by Chinese state-sponsored cyber actors since 2020 –Source

Recommended Actions

The CSA further advises the U.S. government and its allies, along with all critical infrastructure and private sector organizations, a series of mitigation measures to defend against cyberattacks.

  • Patch systems and equipment promptly and diligently – in order to prevent remote code execution or denial-of-service on externally facing equipment, with the recommendation to use a patch management program that will enable a patching cycle.
  • Enhanced monitoring of network traffic, email, and endpoint systems.
  • Protection capabilities to stop malicious activity such as anti-virus software and other endpoint protection to automatically detect and prevent malicious files from executing.
  • Move toward the Zero Trust security model and monitoring the logs for suspicious activity.

Ever since 2020, Chinese-backed threat actors have been exploiting vulnerabilities, which have been made public in a previously released advisory.

If you liked this article, follow us on LinkedInTwitterFacebook, YouTube, and Instagram for more cybersecurity news and topics.

Author Profile

Mihaela Popa

COMMUNICATIONS & PR OFFICER

Mihaela is a digital content creator for Heimdal® and the proud owner of an old soul and a curious mind. Passionate to learn and discover more about cybersecurity, she will gladly share her latest finds with you.

Related Articles

Security Information and Event Management (SIEM). What It Is and How It Works.Malicious Cyber Activity Targeting Election Systems: FBI DeclaresHackers Use Customized Malware to Steal U.S. Defense DataFBI Lessons on Fighting Cybercrime: Three Tips on How to Improve CybersecurityMalware vs. Ransomware: Do You Know the Difference?DDoS Attack. How Distributed Denial of Service Works and How to Prevent It

Leave a Reply

Your email address will not be published. Required fields are marked *

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE
linkedin
youtube
facebook
x

resources

company

newsletter

© 2024 Heimdal®

Vat No. 35802495, Vester Farimagsgade 1, 2 Sal, 1606 København V