This guidance was crafted in response to a PRC affiliated threat actor’s compromise of networks of major global telecommunications providers to conduct a broad and significant cyber espionage campaign. The compromise of private communications impacted a limited number of individuals who are primarily involved in government or political activity.
Although tailored to the Communications Sector, CISA and partners encourage network defenders and engineers of communications infrastructure, and other critical infrastructure organizations with on-premises enterprise equipment, to review and apply the provided best practices, including patching vulnerable devices and services, to reduce opportunities for intrusion. For more information on PRC state-sponsored threat actor activity, see CISA’s People's Republic of China Cyber Threat.
Reporting
The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form at www.cyber.nj.gov/report.
Please do not hesitate to contact the NJCCIC at njccic@cyber.nj.gov with any questions. Also, for more background on our recent cybersecurity efforts, please visit cyber.nj.gov.
