https://www.dailyherald.com/20250925/nation-and-world/us-government-scrambles-to-stop-new-hacking-campaign-blamed-on-china/Federal agencies are racing to contain a new wave of sophisticated hacking by suspected Chinese attackers that took advantage of previously undiscovered flaws in widely used security software from networking company Cisco.The U.S. Cybersecurity and Infrastructure Security Agency issued a rare emergency directive on Thursday, ordering all civilian agencies to test Cisco firewall equipment before midnight Friday to see if it had been breached. Agencies must immediately disconnect devices that have been compromised, the directive said.The CISA said that hundreds of potentially vulnerable devices were installed in federal networks and that some operated by private firms were used to protect critical infrastructure.Because firewall equipment polices traffic entering a computer network, hackers who control it can monitor, change or misdirect communications or allow additional unauthorized access. Cisco previously said the group involved behaved as if it were backed by a national government.
Security experts warned that other spies and criminals now have enough information about the attack to use the same method, and would act quickly.CISA officials did not say who is behind the attacks, but security experts, including researchers at computer security firm Palo Alto Networks, said the hackers were based in China.The CISA did not dispute that conclusion. The Chinese embassy did not immediately respond to a request for comment.Officials from the United States, Britain and other allies also urged private companies to check equipment running Cisco Adaptive Security Appliances software.“We strongly urge them to adopt the measures” the CISA provided, said Chris Butera, acting deputy executive assistant director for cybersecurity at the agency. “The threat campaign is widespread.”The techniques used in the recent attacks are especially alarming, Butera said in a briefing, because they allow hackers to hide their tracks and remain connected despite equipment reboots and upgrades. Cisco is no longer obligated to provide support to some of the older equipment affected after Sept. 30.Butera said some U.S. agencies detected breaches using the attack as far back as May. CISA officials said they did not previously disclose the attacks because they did not know how the hackers had breached federal networks and then needed to have a fix ready.
Authorities sometimes don’t disclose breaches right away to avoid tipping off attackers. In this case, the CISA said it waited until a software patch was ready to provide more security to potential victims.Cisco declined to address the delay or repeated issues with the firewall software.Sam Rubin, a senior vice president at Palo Alto Networks, said the attackers’ group had gotten more sophisticated since it was detected using other methods against similar Cisco equipment early last year. He said it is now more focused than before on U.S. targets.Thursday’s disclosure came amid a rash of new reports by Google and other companies about hacking from Chinese agencies and their contractors.
>>1442450I recognize that smug mug on Wen Xinyu. He's been wanted for quite some time.
>>1442453Following up on this, I decided to Google a few others to see if they were previously wanted as well Bottom right just finished his American PhD at MIT lmaohttps://fduguchunhui.github.io/
>>1442454>MIT*TMC Houston
>>1442450Wait this is literally the same exact fkn dudes that have been wanted since Obama yearshttps://www.fbi.gov/news/stories/five-chinese-military-hackers-charged-with-cyber-espionage-against-us
>>1442458Well they haven't been caught yet have they?
>>1442450Shoulda thought of that before cutting all your fuckin counterintelligence, jackoffs.
Have you tried resetting the router?
