Sophos, a UK cybersecurity firm, experienced a breach initiated by a Chinese hacker group that exploited vulnerabilities in its network security devices. The targeted attacks lasted over five years, compromising firewalls to gather intelligence and infiltrate a range of high-profile targets, including nuclear energy, military institutions, government agencies, and critical infrastructure across Asia, Europe, the Middle East, and the US. The severity of the incident was amplified by the strategic use of zero-day vulnerabilities and the attackers' focus on critical sectors, suggesting potential large-scale disruption and intelligence gathering for state-sponsored activities.
Source: https://www.wired.com/story/sophos-chengdu-china-five-year-hacker-war/
"id": "sop000110124",
"linkid": "sophos",
"type": "Vulnerability",
"date": "10/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"