The United States and international cybersecurity authorities have issued a Joint Cybersecurity Advisory (CSA) titled “People’s Republic of China-Linked Cyber Actors Hide in Router Firmware.” The authoring agencies have observed People’s Republic of China-linked cyber actors leveraging this exploitation of routers to pivot from global subsidiary companies to corporate headquarters networks in the US and Japan. Several specific detection and mitigation methods are provided in this CSA.
This CSA is also available on cisa.gov and here.