The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an advisory on Sept. 14 that claimed that Chinese state actors were using known vulnerabilities to penetrate U.S. systems. According to the advisory, the Chinese Ministry of State Security (MSS) is heavily involved in the cyberespionage. The key takeaways are:
-
“Chinese MSS-affiliated cyber threat actors use open-source information to plan and conduct cyber operations.
-
“Chinese MSS-affiliated cyber threat actors use readily available exploits and exploit toolkits to quickly engage target networks.
-
“Maintaining a rigorous patching cycle continues to be the best defense against the most frequently used attacks.
-
“If critical vulnerabilities remain unpatched, cyber threat actors can carry out attacks without the need to develop custom malware and exploits or use previously unknown vulnerabilities to target a network.
-
“This Advisory identifies some of the more common—yet most effective—TTPs [tactics, techniques and procedures] employed by cyber threat actors, including Chinese MSS-affiliated cyber threat actors.”