TheRegister - 6 Feb 2024 https://www.theregister.com/2024/02/06/dutch_defense_china_cyberattack/ Lots of other links and articles: In Dutch : - Nationaal Cyber Security Centrum https://www.ncsc.nl/actueel/nieuws/...nadrukt-aanhoudende-interesse-in-edge-devices - Militaire Inlichtingen- en Veiligheidsdienst (MIVD) https://www.defensie.nl/actueel/nie...thult-werkwijze-chinese-spionage-in-nederland In English, .pdf file by Military Intelligence and Security Service (MIVD). Go here for the long .pdf file: https://www.ncsc.nl/documenten/publicaties/2024/februari/6/mivd-aivd-advisory-coathanger-tlp-clear
This seems like a PR move to turn an embarassing failure into a win. As pointed out by investigative journalist Huib Modderkolk: The vulnerability was already patched in december 2022, but the Ministry of Defence still had an unpatched device, which was discovered and exploited, and then noticed too late by the Ministry of Defense: https://twitter.com/huibmodderkolk/status/1754891286291611741
Yes, I know. I did read articles (at NRC, NOS for exampe) and saw the interview with the head of the MIVD on TV. Not any doubt that the vulnerability should have been patched; 100 percent agreed! I don't use twitter or any other social media for that matter. But of course I know (recognize) the name of the person you mentioned! The other side of the coin: It was good that there was raised again awareness about not patching FortiGate... And there was now an analysis about that malware (see that English .pdf file). And, yes, I know that China denies any involvement...
