WASHINGTON DC – Much of the discussion surrounding cyberwarfare has centered around Russia and Ukraine, in recent months. While it may have been pushed into the background, however, China’s aggressive cyber activity continues apace, whether it rises to the level of warfare or not.

Only a month ago, we covered news that Chinese state-sponsored hackers had been deploying malware to steal US intellectual property in an operation that went undetected for years. Just a month before that, we wrote about a Chinese state-sponsored hacking group that had been using VLC Media Player to deploy malware in targeted attacks on foreign governments and NGOs.

Both of these Chinese-backed cyber operations were discovered by private cybersecurity researchers, but US federal agencies have been monitoring Chinese cyber activity as well. This week, the National Security Agency (NSA), Cybersecurity & Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory detailing ways that Chinese state-sponsored hackers have been compromising network providers and devices in order to snoop on network activity and steal credentials.

According to the advisory, this cyber espionage is widespread and doesn’t solely target large network infrastructure, but also smaller, commercial network devices, like routers and Network Attached Storage (NAS) devices. The Chinese hackers carry out this activity by exploiting known vulnerabilities in network devices. In many cases, the vendors who manufacture these network devices have released patches that fix the vulnerabilities, but network administrators have neglected to update the devices. The following table lists the known network devices vulnerabilities most commonly leveraged by Chinese-backed hackers.

To read more, click on HotHardware