Chinese Hackers Breach Fortinet, Target Critical Infrastructure

In 2022 and 2023, several hackers backed by China exploited a vulnerability in Fortinet FortiGate systems. This affected over 20,000 devices globally, potentially impacting critical infrastructure. The Dutch National Cyber Security Center (NCSC) noted that these hackers had extensive knowledge of the FortiGate weakness even before Fortinet made it public.

Although the victims were not disclosed, this campaign targeted many Western governments, international organizations and defense companies. The findings build on an earlier advisory, from February 2024, which disclosed how the attackers used CVE-2022-42475 as an avenue into the computer networks of the Dutch armed forces. The vulnerability scores 9.8 on the Common Vulnerability Scoring System (CVSS) and enables remote code execution.

A backdoor named COATHANGER could be controlled remotely from a server maintained by the actor. This backdoor was meant to provide persistent access to devices over long periods of time, and it served as a base for hosting other malicious programs. Notably, the malware was not installed until long after the campaign began, as a way to keep control of the devices, and it is not known how many victims had their machines infected.

This development illustrates the continuing tendency of attackers to focus on edge devices when attempting to infiltrate important networks. The NCSC underlined that part of the security problem with edge devices arises from their typical direct connection to the internet without coverage by Endpoint Detection and Response (EDR) solutions. These characteristics make edge devices easy targets for attackers.

In summary, the long and extensive breach of Fortinet FortiGate systems by Chinese state-sponsored actors shows that critical infrastructure remains under continual threat from cyber-attacks. The targets included Western governments and defense companies, among others, which demonstrates the strategic motive behind the campaign. The NCSC's findings show that the security of edge devices needs to be strengthened, because they remain exposed: they are always on the internet and lack robustness.
