Skip links
CONTACT US

Top vulnerabilities exploited by the PRC state-sponsored cyber actors and how to mitigate them

Jump To Section

  • Nikhil Badsheshi
  • 5 mins
According to the assessment made by NSA, CISA and FBI, the People’s Republic of China has sponsored cyber actors to exploit the commonly known vulnerabilities and exposures.
Mitigating vulnerabilities exploited by PRC cyber actors

According to the assessment made by NSA, CISA and FBI, the People’s Republic of China has sponsored cyber actors to exploit the commonly known vulnerabilities and exposures. These state-sponsored cyber actors exploit known vulnerabilities to actively target government as well as software and hardware companies to steal intellectual property and develop access into sensitive networks.

NSA, CISA, and FBI suggest governments, critical infrastructure, and private sector organizations to apply the recommendations listed in the mitigations section to increase their defensive posture and reduce the threat of compromise from the state-sponsored malicious cyber actors.

Top vulnerabilities exploited by PRC state-sponsored cyber actors since 2020

Companies affected – Apache, Pulse Connect Secure, GitLab, Atlassian, Microsoft, F5 Big-IP, VMware, Citrix ADC, Cisco, Buffalo, Hikvision, Sitecore, ZOHO.

Exploits – Remote Code Execution, Arbitrary File Read, Path Traversal, Command Line Execution, Command Injection, Authentication Bypass by Spoofing.

These state-sponsored actors continue to use virtual private networks (VPNs) to obfuscate their activities and target web-facing applications to establish initial access. Many of the vulnerabilities allow the actors to surreptitiously gain unauthorized access into sensitive networks, after which they seek to establish persistence and move laterally to other internally connected networks. PRC state-sponsored cyber actors continue to target government and critical infrastructure networks with an increasing array of new and adaptive techniques—some of which pose a significant risk to technology organizations (including telecommunications providers), Defense Industrial Base (DIB) Sector organizations, and other critical infrastructure organizations.

Important mitigation measures

NSA, CISA, and FBI suggest organizations to apply the below recommendations on a regular basis:

  • Update and patch systems as soon as possible. Prioritize patching vulnerabilities identified in the CSA and other known exploited vulnerabilities.
  • Utilize phishing-resistant multi-factor authentication whenever possible. Mandate all accounts with password logins to have strong, unique passwords, and change passwords immediately if there are indications that a password may have been compromised.
  • Block obsolete or unused protocols at the network edge.
  • Upgrade or replace end-of-life devices.
  • Move toward the Zero-Trust security model.
  • Enable robust logging of internet-facing systems and monitor the logs for anomalous activity.

Resources:

Picture of Nikhil Badsheshi

Nikhil Badsheshi

Latest Reads

Subscribe

Suggested Reading

Master AWS Security: Threat Detection with Amazon GuardDuty

Master AWS Security: Threat Detection with Amazon GuardDuty

CloudInfosec
Enhancing Retail Planning: Streamlining Transfer Engine Efficiency

Enhancing Retail Planning: Streamlining Transfer Engine Efficiency

Digital BusinessPlatform Modernization
Empowering Retail Excellence with AI-Powered Transformation

Empowering Retail Excellence with AI-Powered Transformation

AnalyticsPlatform Modernization

Ready to Unlock Yours Enterprise's Full Potential?

Adaptive Clinical Trial Designs: Modify trials based on interim results for faster identification of effective drugs.Identify effective drugs faster with data analytics and machine learning algorithms to analyze interim trial results and modify.
Real-World Evidence (RWE) Integration: Supplement trial data with real-world insights for drug effectiveness and safety.Supplement trial data with real-world insights for drug effectiveness and safety.
Biomarker Identification and Validation: Validate biomarkers predicting treatment response for targeted therapies.Utilize bioinformatics and computational biology to validate biomarkers predicting treatment response for targeted therapies.
Collaborative Clinical Research Networks: Establish networks for better patient recruitment and data sharing.Leverage cloud-based platforms and collaborative software to establish networks for better patient recruitment and data sharing.
Master Protocols and Basket Trials: Evaluate multiple drugs in one trial for efficient drug development.Implement electronic data capture systems and digital platforms to efficiently manage and evaluate multiple drugs or drug combinations within a single trial, enabling more streamlined drug development
Remote and Decentralized Trials: Embrace virtual trials for broader patient participation.Embrace telemedicine, virtual monitoring, and digital health tools to conduct remote and decentralized trials, allowing patients to participate from home and reducing the need for frequent in-person visits
Patient-Centric Trials: Design trials with patient needs in mind for better recruitment and retention.Develop patient-centric mobile apps and web portals that provide trial information, virtual support groups, and patient-reported outcome tracking to enhance patient engagement, recruitment, and retention
Regulatory Engagement and Expedited Review Pathways: Engage regulators early for faster approvals.Utilize digital communication tools to engage regulatory agencies early in the drug development process, enabling faster feedback and exploration of expedited review pathways for accelerated approvals
Companion Diagnostics Development: Develop diagnostics for targeted recruitment and personalized treatment.Implement bioinformatics and genomics technologies to develop companion diagnostics that can identify patient subpopulations likely to benefit from the drug, aiding in targeted recruitment and personalized treatment
Data Standardization and Interoperability: Ensure seamless data exchange among research sites.Utilize interoperable electronic health record systems and health data standards to ensure seamless data exchange among different research sites, promoting efficient data aggregation and analysis
Use of AI and Predictive Analytics: Apply AI for drug candidate identification and data analysis.Leverage AI algorithms and predictive analytics to analyze large datasets, identify potential drug candidates, optimize trial designs, and predict treatment outcomes, accelerating the drug development process
R&D Investments: Improve the drug or expand indicationsUtilize computational modelling and simulation techniques to accelerate drug discovery and optimize drug development processes