NSA warns 'Chinese state-sponsored cyber actors' targeting known vulnerabilities in defense networks

By Justin Doubleday / October 21, 2020 at 1:16 PM

The National Security Agency has released an advisory detailing how actors backed by the Chinese government are targeting known vulnerabilities in U.S. national security networks.

In a cybersecurity advisory released yesterday, the NSA detailed 25 known exploits that "Chinese state-sponsored cyber actors" are using against "a multitude of victim networks." The advisory alleges such actors are "one of the greatest threats" to U.S. national security systems, the defense industrial base and Defense Department information systems.

The advisory includes descriptions of the "Common Vulnerabilities and Exposures" as well as recommended mitigations.

"NSA is aware that National Security Systems, Defense Industrial Base, and Department of Defense networks are consistently scanned, targeted, and exploited by Chinese state-sponsored cyber actors," the bulletin states. "NSA recommends that critical system owners consider these actions a priority, in order to mitigate the loss of sensitive information that could impact U.S. policies, strategies, plans, and competitive advantage.

"Additionally, due to the various systems and networks that could be impacted by the information in this product outside of these sectors, NSA recommends that the CVEs above be prioritized for action by all network defenders," the advisory continues.

Last year, the NSA established a "cybersecurity directorate" to share unclassified threat intelligence, with a special focus on the defense industrial base.

"We hear loud and clear that it can be hard to prioritize patching and mitigation efforts," NSA Cybersecurity Director Anne Neuberger said in a statement released yesterday. "We hope that by highlighting the vulnerabilities that China is actively using to compromise systems, cybersecurity professionals will gain actionable information to prioritize efforts and secure their systems."