The authoring agencies have observed PRC-linked cyber actors leveraging this exploitation of routers to pivot from global subsidiary companies to corporate headquarter networks in the U.S. and Japan.
BlackTech actors have targeted government, industrial, technology, media, electronics, telecommunication, and defense industrial base sectors. These actors are targeting Windows, Linux, and FreeBSD operating systems using remote access tools (RATs) and several different custom malware payloads, such as BendyBear, FakeDead, and FlagPro, along with using living off the land technique to evade detection and blend in with normal operations and activities and appear legitimate.
“With our U.S. and international partners, CISA continues to call urgent attention to China’s sophisticated and aggressive global cyber operations to gain persistent access and, in the case of BlackTech actors, steal intellectual property and sensitive data . Today’s joint advisory with our partners in Japan highlights our extensive and persistent collaboration to provide actionable and timely guidance to businesses, government and critical infrastructure. BlackTech activity targets a wide range of public organizations and private industries across the U.S. and East Asia. We encourage all organizations to review the advisory, take action to mitigate risk, report any evidence of anomalous activity, and continue to visit cisa.gov/china for ongoing updates about the heightened risk posed by PRC cyber actors.”
Eric Goldstein, Executive Assistant Director for Cybersecurity
With partners in the NSA, FBI, and Government of Japan, CISA urges critical infrastructure and private sector organizations to apply the recommended mitigations in this advisory to strengthen their cyber defenses and reduce threat of compromise from BlackTech.
Read the full Advisory
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:
By email:
secretary@iisf.ie
By post:
David Cahill
Information Security
GPO, 1-117
D01 F5P2
Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland
Invitations for Annual Sponsorship of IISF has now reopened.
Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more