The U.S. National Security Agency Lists Exploits Chinese Hackers Are Targeting

Hackers are always on the prowl, looking for systems they can hack into. And state-sponsored hackers are the elite among them, with more resources at their disposal.

Knowing how persistent they can be, and the damage state-sponsored hackers can do, the U.S. National Security Agency (NSA) has published a report detailing the top 25 vulnerabilities that are consistently being scanned, targeted, and exploited by Chinese hacking groups.

Fortunately, all of the 25 security bugs are already well known in the cyber security world, and patches for them are already available from their vendors.

But unfortunately, many of the vulnerabilities are also publicly available.

This means that not only Chinese hackers can exploit them: other hacker gangs, including ransomware authors, low-level malware hackers, and even other state-sponsored hackers, can use them as well.

"Most of the vulnerabilities listed below can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as gateways to internal networks," said the NSA.

The NSA put the listed vulnerabilities together into an advisory that provides their Common Vulnerabilities and Exposures (CVE) entries.

With it, the NSA advises the following:

  • Keep systems and products updated and patched as soon as possible after patches are released.
  • Expect that data stolen or modified (including credentials, accounts, and software) before the device was patched will not be alleviated by patching, making password changes and reviews of accounts a good practice.
  • Disable external management capabilities and set up an out-of-band management network.
  • Block obsolete or unused protocols at the network edge and disable them in device configurations.
  • Isolate Internet-facing services in a network Demilitarized Zone (DMZ) to reduce the exposure of the internal network.
  • Enable robust logging of Internet-facing services and monitor the logs for signs of compromise.

State-sponsored hackers are usually those that are deployed during "network warfare", or cyberwarfare. These hackers can attack targeted entities inside another nation, in order to cause harm.

And China, the country that is both the world's second-largest economy and a nuclear weapons state with the world's second-largest defense budget, is said to acknowledge the concept of cyberwarfare.

According to a news post by Foreign Policy, China's hacker army was estimated to have between 50,000 and 100,000 personnel.

And that was in 2010, the time when social media networks were just picking up pace, and mobile phones were on their way to becoming "smartphones".

It should be noted though, that hacking is an activity done through cyberspace.

Many times, hacking attempts and campaigns were for espionage. Other times, they were meant to spread propaganda or fake news, in order to alter public opinion about something, like during elections, for example. It's considered rarer for state-sponsored hackers to target the military or to generate income.

The U.S. and other Western countries have long accused China (as well as Russia, Iran and North Korea) of aggressive hacking campaigns. While investigations suggested that many of the attacks originated from computer systems in China, it's almost impossible to know for certain that the hacks were government-sponsored.

China has repeatedly denied accusations of cyberwarfare, and has in turn accused the United States of engaging in cyberwarfare against China, a claim the U.S. government denies.

So here, cyberwarfare between the West and the East involves a lot of accusations. Although it is present, it's somehow more political than it should be.

Published: 22/10/2020