CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors

The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored cyber actors since 2020.

According to the Alert, these threat actors “continue to exploit known vulnerabilities to actively target U.S. and allied networks as well as software and hardware companies to steal intellectual property and develop access into sensitive networks.” CISA, the National Security Agency (NSA), and the FBI “assess PRC state-sponsored cyber activities as being one of the largest and most dynamic threats to U.S. government and civilian networks.”

The NSA, CISA, and the FBI “urge U.S. and allied governments, critical infrastructure, and private sector organizations to apply the recommendations listed in the Mitigations section and Appendix A to increase their defensive posture and reduce the threat of compromise from PRC state-sponsored malicious cyber actors.”

The Alert lists the top CVEs most used by Chinese state-sponsored cyber actors and provides mitigation tips to apply to reduce the risk of attack, including patching, multi-factor authentication, password and protocol management, upgrading or replacing devices at the end of their useful lives, moving toward a Zero Trust security posture, and enabling robust logging.

PRC attackers are believed to be behind some of the biggest data breaches the U.S. has seen. They continue to be a major threat to businesses in the U.S. Staying abreast of Alerts from CISA is helpful in minimizing risk and preventing becoming a victim of a state-sponsored cyber-attack.