Alleged Chinese Government-backed hacker group Volt Typhoon has compromised several internet companies in the US and abroad.
Researchers at Lumen Technologies said in a blog post that the hackers took advantage of a previously unknown vulnerability in Versa Director, a software platform used to manage services for customers of California-based Versa Networks.
Go deeper with GlobalData
The group exploited a software bug to target four US and one Indian victim, although they declined to identify the targets.
Lumen researcher Ryan English said that the internet companies were targeted by the attackers to surveil their customers. “They very rarely go in through the front door,” he said.
Versa Networks issued an advisory on Monday (26 August) acknowledging that the vulnerability had been exploited “in at least one known instance” by the Chinese hacker group and urged customers to update their software to fix the bug.
The subsequent blog post by Lumen said researchers believe the hacking campaign began as early as 12 June.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataVolt Typhoon is a particular concern to US cybersecurity officials with FBI Director Christopher Wray stating in April that China was developing the “ability to physically wreak havoc” on US critical infrastructure.
Douglas McKee, executive director of threat research at cybersecurity company SonicWall, said: “The recent exploitation highlights the critical importance of vulnerability research and product security testing.
“As demonstrated in this case, our adversaries are willing to invest significant time and resources to execute these attacks. The utilisation of AI also plays a part in making these sophisticated attacks more likely.
“Only proactive security measures, combined with 24/7 monitoring, will aid in defending against increasingly sophisticated cyber threats.”
The Chinese Embassy in Washington did not respond to a request for comment, although Beijing routinely denies allegations of its involvement in cyber espionage.
The US Cybersecurity and Infrastructure Security Agency has since added the Versa vulnerability to its list of known exploited vulnerabilities.
