A Chinese hacking group has exploited a software vulnerability to compromise several internet companies in the United States and abroad, according to a cybersecurity firm. The hackers targeted a previously unknown bug in Versa Director, a software platform used by Versa Networks, affecting multiple victims in the U.S. and India.
Key Takeaways
Chinese hackers exploited a vulnerability in Versa Director software.
Multiple internet companies in the U.S. and India were compromised.
The hacking group is allegedly backed by the Chinese government and is known as "Volt Typhoon."
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its list of known exploited vulnerabilities.
The Exploit
Researchers at Lumen Technologies revealed that the hackers took advantage of a previously unknown vulnerability in Versa Director, a software platform used to manage services for customers of Santa Clara, California-based Versa Networks. The cybersecurity firm identified four U.S. victims and one Indian victim but did not disclose their identities.
Versa Networks issued an advisory acknowledging the vulnerability and urged customers to update their software to fix the bug. The company confirmed three victims, including an internet service provider.
The Hacking Group
Lumen Technologies assessed with "moderate confidence" that the hacking campaign, which began as early as June 12, was carried out by an alleged Chinese government-backed group nicknamed "Volt Typhoon." The group is known for targeting internet companies to surveil their customers.
Doug Britton, an executive with Virginia-based RunSafe Security, stated that the access described by Lumen would allow a group like Volt Typhoon to conduct broad, silent surveillance.
Official Responses
The Chinese Embassy in Washington denied that "Volt Typhoon" was state-sponsored, labeling it a gang of cybercriminals. The embassy accused the U.S. intelligence community of collaborating with cybersecurity companies to exaggerate the threat of Chinese government-backed cyber attacks.
Brandon Wales, the recently departed executive director of CISA, noted that China's hacking efforts had "dramatically stepped up from where it used to be." In April, FBI Director Christopher Wray warned that China was developing the "ability to physically wreak havoc" on U.S. critical infrastructure.
Conclusion
Volt Typhoon has emerged as a significant concern for U.S. cybersecurity officials. The group's activities highlight the increasing sophistication and boldness of state-sponsored hacking efforts, emphasizing the need for robust cybersecurity measures and international cooperation to combat such threats.
Sources
Chinese hackers exploited bug to compromise internet companies, cybersecurity firm says | Reuters, Reuters.
Chinese hackers exploited bug to compromise internet companies, cybersecurity firm says | South China Morning Post, South China Morning Post.
Chinese hackers exploited bug to compromise internet companies, cybersecurity firm says - Security - CRN Australia, CRN Australia.
ความคิดเห็น