The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI) and international partners, have released a Guide which provides best practices to protect against a People’s Republic of China (PRC)-affiliated threat actor that has compromised networks of major global telecommunications providers. The recommended practices will strengthen visibility and harden network devices against this broad and significant cyber espionage campaign.
This guidance was crafted in response to a
PRC affiliated threat actor’s compromise of networks of major global telecommunications providers to conduct a broad and significant cyber espionage campaign. The compromise of private communications impacted a limited number of individuals who are primarily involved in government or political activity.
Although tailored to the Communications Sector, CISA and partners encourage network defenders and engineers of communications infrastructure, and other critical infrastructure organizations with on-premises enterprise equipment, to review and apply the provided best practices, including patching vulnerable devices and services, to reduce opportunities for intrusion. For more information on PRC state-sponsored threat actor activity, see CISA’s
People’s Republic of China Cyber Threat.
Reporting
The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form at
www.cyber.nj.gov/report.
Please do not hesitate to contact the NJCCIC at
njccic@cyber.nj.gov with any questions. Also, for more background on our recent cybersecurity efforts, please visit
cyber.nj.gov.