Search

U.S. Warns Of Ongoing Cyber Exploits By China Against Telecoms, Network Service Providers

U.S. Warns Of Ongoing Cyber Exploits By China Against Telecoms, Network Service Providers

China state-sponsored actors continue to exploit known, common vulnerabilities against major telecommunications companies and network service providers aimed at compromising a network of infrastructure worldwide, U.S. agencies warned on Tuesday evening.

“These actors use the network to exploit a wide variety of targets worldwide, including public and private sector organizations,” says a joint Cybersecurity Advisory issued by the National Security Agency, Cybersecurity and Infrastructure Security Agency, and the FBI.

Taking advantage of existing vulnerabilities that are known means that the People’s Republic of China state-sponsored actors don’t need to deploy their own malware to access networks, the advisory says.

“Since 2020, PRC state-sponsored cyber actors have conducted widespread campaigns to rapidly exploit publicly identified security vulnerabilities, also known as common vulnerabilities and exposures (CVEs),” the advisory warns. “This technique has allowed the actors to gain access into victim accounts using publicly available exploit code against virtual private network services or public facing applications without using their own distinctive or identifying malware, so long as the actors acted before victim organizations updated their systems.”

The advisory lists the vendors and the top network device CVEs favored by the PRC state-sponsored actors and also posts a number of mitigations including following best practices such as applying network patches as soon as possible and implementing a centralized patch management system, replacing end-of-life infrastructure, segment networks, require multi-factor authentication for all users, and disabling unnecessary ports and protocols.



Contract Updates

BAE Systems Space & Mission Systems Inc. (Boulder, Colorado) – $48,000,000

BAE Systems Space & Mission Systems Inc., Boulder, Colorado, was awarded a $48,000,000 firm-fixed-price contract for the study, design, development, enhancement, testing, and procurement of advanced communication-electronics technologies. Bids were solicited via the internet with one received. Work locations and…


Portus Stevedoring LLC (Jacksonville, Florida) – $8,292,583

Portus Stevedoring LLC, Jacksonville, Florida, is awarded a not-to-exceed $8,292,583 firm-fixed-price, indefinite-delivery/indefinite-quantity contract with a five-year ordering period for stevedoring and related terminal services. This contract provides for full range of stevedoring and related terminal services to include the receipt,…


Foster Miller doing business as QinetiQ North America (Waltham, Massachusetts) – $11,310,230

Foster Miller, doing business as QinetiQ North America, Waltham, Massachusetts, is awarded an $11,310,230 firm-fixed-price modification to a previously awarded indefinite-delivery/indefinite-quantity contract (N00174-21-D-0019) to exercise Option Year Four for production, engineering support, and post-production support of the MK 2 Man…


EnergySolutions Services Inc. (Oak Ridge, Tennessee) – $13,336,650

EnergySolutions Services Inc., Oak Ridge, Tennessee, is being awarded a $13,336,650 firm-fixed-price, indefinite-delivery/indefinite-quantity contract action (N42158-25-D-E001) for nuclear services for the processing, recycling and disposal of radiologic materials through disassembly, decontamination, metal melting, compaction, incineration, resin sluicing/dewater, bulk waste assay…