September 27, 2023

People's Republic of China-Linked Cyber Actors Hide in Router Firmware

September 27, 2023

What we know so far

The U.S. NSA, FBI, CISA, Japan's NPA, and NISC have issued a joint cybersecurity advisory warning about the activities of China-linked cyber group, BlackTech. This group has been altering router firmware covertly and exploiting these routers to shift between international subsidiaries and their main offices, mainly in the U.S. and Japan. BlackTech, which has multiple aliases, targets various sectors, including those supporting the U.S. and Japan's militaries. Using custom malware and other discrete methods, they hide their activities. Companies are advised to inspect subsidiary connections, ensure secure access, and consider adopting Zero Trust models to mitigate risks.

Arrow Right

Schedule a test

Subscribe to advisory alerts

Be immediately notified of new advisories and associated security tests

More advisories