Chinese Coathanger malware hung out to dry by Dutch defense department

Discussion in 'other security issues & news' started by FanJ, Feb 8, 2024.

  1. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,617
    TheRegister - 6 Feb 2024
    https://www.theregister.com/2024/02/06/dutch_defense_china_cyberattack/

    Lots of other links and articles:
    In Dutch :
    - Nationaal Cyber Security Centrum
    https://www.ncsc.nl/actueel/nieuws/...nadrukt-aanhoudende-interesse-in-edge-devices
    - Militaire Inlichtingen- en Veiligheidsdienst (MIVD)
    https://www.defensie.nl/actueel/nie...thult-werkwijze-chinese-spionage-in-nederland

    In English, .pdf file by Military Intelligence and Security Service (MIVD).
    Go here for the long .pdf file:

    https://www.ncsc.nl/documenten/publicaties/2024/februari/6/mivd-aivd-advisory-coathanger-tlp-clear

     
  2. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,862
    Location:
    Outer space
    This seems like a PR move to turn an embarassing failure into a win. As pointed out by investigative journalist Huib Modderkolk: The vulnerability was already patched in december 2022, but the Ministry of Defence still had an unpatched device, which was discovered and exploited, and then noticed too late by the Ministry of Defense:
    https://twitter.com/huibmodderkolk/status/1754891286291611741
     
  3. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,617
    Yes, I know. I did read articles (at NRC, NOS for exampe) and saw the interview with the head of the MIVD on TV.
    Not any doubt that the vulnerability should have been patched; 100 percent agreed!

    I don't use twitter or any other social media for that matter. But of course I know (recognize) the name of the person you mentioned!

    The other side of the coin:
    It was good that there was raised again awareness about not patching FortiGate...
    And there was now an analysis about that malware (see that English .pdf file).

    And, yes, I know that China denies any involvement...
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.