In a collaborative cybersecurity advisory, the US National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and Japanese law enforcement have issued a warning to multinational corporations regarding the China-linked hacker group known as BlackTech.
This joint advisory, which also involves the US Cybersecurity and Infrastructure Security Agency and its Japanese counterpart, strongly advises companies to conduct thorough reviews of the internet routers used in their subsidiaries. The goal is to minimize the potential risk of cyberattacks from the BlackTech group.
The advisory emphasizes that BlackTech has demonstrated its ability to modify router firmware without being detected. Additionally, they exploit the domain-trust relationships of these routers to move from international subsidiaries to the main headquarters in Japan and the United States, which are the group’s primary targets, as stated in the advisory.
Japan’s National Police Agency, in a separate statement, noted that BlackTech has been involved in cyberattacks on various governments and technology sector companies in the United States and East Asia since approximately 2010.