The Netherlands announced on Tuesday that Chinese state-backed hackers broke into an internal computer network used by the Dutch Ministry of Defense last year.
As first reported by Reuters, both the country’s military (MIVD) and civilian (AIVD) security agencies said in an unusual announcement that the ministry had confirmed that the agency was using the FortiGate device for espionage purposes after attackers exploited vulnerabilities in FortiGate devices. announced that it had been hacked.
MIVD announced that it had discovered malware on a compartmentalized computer network used by the country’s military for unclassified research and development.
“The system was self-contained and did not cause any damage to defense networks,” officials said.
Minister of Defense Kajisa Ollongren said: “For the first time, the MIVD has chosen to publish a technical report on how Chinese hackers operate. By doing so, we will increase international resilience against this type of cyber espionage.”
It is unclear which bug the hackers exploited. However, an issue discovered in FortiGate devices last year (tracked as CVE-2023-27997) caused significant concern due to the product’s widespread use among government agencies.
Shortly after this vulnerability was disclosed, researchers warned that hundreds of thousands of vulnerable interfaces were exposed to the Internet, representing nearly 70% of all installations online.
Christopher Glyer, Microsoft Threat Intelligence Center asked a question Whether the same vulnerability was used in an attack by a China-linked threat group tracked as Bolt Typhoon that hacked Guam’s critical infrastructure last year.
Fortinet said it has not linked the exploit to Bolt Typhoon “at this time,” but added that “all threat actors, including those behind the Bolt Typhoon campaign, are using widely used software and devices. “We expect the company to continue exploiting unpatched vulnerabilities.”
recorded future
intelligence cloud.
learn more.
There are no past articles
There are no new articles
