China hackers penetrate Dutch military network via FortiGate

State-backed Chinese cyber espionage has targeted the Dutch military via Fortinet FortiGate devices.

The malware was discovered on a separate computer in the armed forces in 2023. The Military Intelligence and Security Service (MIVD) determined that a China state-sponsored actor was behind the attack.

The MIVD said it had discovered malware used by China specifically for espionage purposes. Attackers leverage a flaw in FortiGate devices to remotely connect to networks.

The Dutch military’s computer was used for unclassified research and development, the system was self-contained, and, therefore, didn’t cause any collateral damage.

“For the first time, the MIVD has chosen to make public a technical report on the working methods of Chinese hackers. It is important to attribute such espionage activities by China,” said Defense Minister Kajsa Ollongren. “In this way we increase international resilience against this type of cyber espionage.”

The malware was installed using a known vulnerability in FortiGate devices. The vulnerability CVE-2022-42475 was classified as high impact in December 2022.

Experts specified that the malware, a remote access trojan (RAT), was aimed not at gaining, but maintaining access to the network.

More from Cybernews:

SpaceX probed by California over sex bias, retaliation claims

Tech layoffs full steam ahead in 2024

Toothbrushes are a cybersecurity risk, too: millions participate in DDoS attacks

FlipperZero used to steal a Mercedes, ​​X users suspect

Midjourney hires Apple Vision Pro’s engineer

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked