Iran’s Fox Kitten hackers are using vulnerabilities to plant backdoors inside U.S. business networks. Whether it is the Pulse VPN vulnerability – there are still thousands of Pulse VPN servers that are not patched or if it is the Citrix Netscaler vulnerability which has been actively exploited for several months or if it is the Fortinet or Palo Alto bugs, the result is the same.
Iranian hackers are, unfortunately, very competent – as are the North Koreans, Russians and Chinese.
And, they are very motivated to break in to U.S. businesses and stay there undetected.
Recently, in the case of the Marriott hotel chain, “undetected” lasted for FOUR YEARS.
There are likely Chinese and Iranian hackers currently hiding inside an unknown number of U.S. business networks.
And, according to DHS, inside U.S. Critical Infrastructure networks.
Would YOU know if foreign national state actors were hiding inside your network? HOW would you know?
If they are stealing credit cards, we find out about it quickly because stealing credit cards serves no purpose if you don’t use them. If, however, they are stealing intellectual property – the theft of which is costing U.S. businesses tens of billions of dollars a year – then they can likely do that and remain undetected forever if they are a bit clever.
You can hope it doesn’t happen to you, but hope is not a great strategy.
Source: Computing Magazine
This case is likely