iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The admission follows guidance from the US Cybersecurity and Infrastructure Security Agency and the Australian Cyber Security Centre on hardening networks against Chinese hackers.
Officials from the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have urged people to turn to encrypted messaging applications to avoid their communications being intercepted by Chinese threat actors embedded in some of the country’s largest telcos.
CISA’s executive assistant director for cyber security, Jeff Greene, joined a senior FBI official – who chose not to be named – in a press call to make the recommendation on 3 December.
“Our suggestion, what we have told folks internally, is not new here: encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible,” Greene told the media.
According to Greene, it is currently impossible “to predict a time frame on when we’ll have full eviction”.
The FBI official said that while this current campaign is quite sizable, it’s still largely traditional.
“We see this as a cyber espionage campaign, not dissimilar to any other approaches. Certainly, the way they went about it was very, very specific about the telcos and the ISPs, but it fits into the cyber espionage bucket,” the official said.
The FBI official added that keeping smartphones up to date was a wise choice in the current environment.
“People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant multifactor authentication for email, social media and collaboration tool accounts,” the official said.
On the same day, CISA and its partners – including the Australian Signals Directorate’s Australian Cyber Security Centre – released guidance on protecting networks from PRC-affiliated threat actors and enhancing visibility against their activity.
The guidance – Enhanced Visibility and Hardening Guidance for Communications Infrastructure – offers advice on monitoring techniques for network engineers and defenders, as well as protocols and management processes for actively hardening networks against cyber espionage.
“CISA and partners encourage network defenders and engineers of communications infrastructure, and other critical infrastructure organisations with on-premises enterprise equipment, to review and apply the provided best practices, including patching vulnerable devices and services, to reduce opportunities for intrusion,” CISA said in a statement.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
