Just a month after the FCC banned foreign consumer-grade routers that lack the special permissions to be sold, the Cybersecurity and Infrastructure Security Agency (CISA), along with the National Cyber Security Centre (NCSC-UK) and other security orgs, has advised users of their risks. Compromised home routers, it seems, are the new cybersecurity bugbears.
This is because, as CISA puts it: "Over the past few years there has been a major shift in the tactics, techniques and procedures (TTPs) used by China-nexus cyber actors, moving away from the use of individually procured infrastructure, and towards the use of externally provisioned, large-scale networks of compromised devices."
'Covert networks' have supposedly been used "for each phase of their Cyber Kill Chains, from performing scans as part of reconnaissance, to the delivery of malware, communicating with said malware, and exfiltrating stolen data from...
English (US)