Cyber security. Photo: IC
China’s Ministry of State Security (MSS) published an article on Friday to remind the public not to ignore the security of the idle network devices, as national security agencies discovered that overseas espionage organizations have been frequently targeting idle and discarded network equipment for cyberattacks in recent years, resulting in some network devices becoming “backdoors” for data leaks, posing a serious threat to China’s network security and data safety.
With the rapid development of the internet, the scale of network devices has grown exponentially. The swift evolution of network technology and applications has accelerated the iteration and upgrading of network equipment, leading to a significant rise in idle and discarded network devices, the MSS said in the article.
It was discovered that a decommissioned server belonging to a certain unit remained in the information technology room, creating an opportunity for overseas espionage agencies. These agencies gained control of the server through network scanning, subsequently infiltrating the internal network and using the decommissioned server as a springboard for cyberattack activities, according to the MSS.
A domestic camera monitoring platform was also found to have suffered an overseas cyberattack. Analysis revealed that the control platform’s server contained numerous usernames and passwords for the cameras it managed.
After being established, the platform remained idle, continuously powered on but without management, leading to high-risk issues such as long-term neglect, outdated system versions, and database vulnerabilities. If overseas espionage agencies could take control of this platform remotely, they could manipulate the relevant cameras for observation and potential intelligence theft, said the MSS.
In another case exposed by the MSS, a manufacturing company was found to have abnormal traffic transmission in a system developed by a third party. Upon investigation, it was found that the company had privately mapped multiple ports to the outside for easier system maintenance and had not closed them for a long time. Overseas espionage agencies scanned the mapped ports and used remote desktop access to log into the company’s system server, conducting cyberattacks, according to the MSS.
The MSS reminded the public to conduct comprehensive security precautions, thorough technical measures, and strengthen security education.
Global Times