back to article China's FortiGate attacks more extensive than first thought

The Netherlands' cybersecurity agency (NCSC) says the previously reported attack on the country's Ministry of Defense (MoD) was far more extensive than previously thought. The NCSC first published details of a Chinese state-sponsored malware campaign in February, but has continued to investigate the case along with the …

  1. Mike 137 Silver badge

    "CVE-2022-42475 – a critical (9.8) buffer overflow bug in FortiOS SSL-VPN"

    So what happened to the use of memory-safe languages?

    It's utterly deplorable that security appliances seem to be coded to the same abysmal standards as the systems they're intended to protect. As Juvenal said centuries back "who guards the guards?" -- apparently nobody these days.

    1. Anonymous Coward
      Boffin

      Re: "CVE-2022-42475 – a critical (9.8) buffer overflow bug in FortiOS SSL-VPN"

      > .. It's utterly deplorable that security appliances seem to be coded to the same abysmal standards as the systems they're intended to protect ..

      Not just the code but the hardware its intended to run on. Unless such bugs are intentionally left-in back-doors. Regardless, who is going to protect us from those no-good Chinese atheist hackers /s

  2. ExpatZ

    Vault 7

    Everyone remember Vault 7 right?

    The CIA hacking kit that was designed to leave traces of their adversaries behind, remember that?

    Who is calling China a threat to the world right now again?

    Who is it that wants every European nation to stop doing business with China again?

    Yeah, that makes far more sense than China hacking the Netherlands.

    Looking forward to being proven right again.

    1. ecofeco Silver badge

      Re: Vault 7

      There are no good guys when it comes to international skullduggery and geopolitics.

    2. This post has been deleted by its author

    3. Casca Silver badge

      Re: Vault 7

      It was the US who put up chinese police stations in the Netherlands to then?

      1. ExpatZ

        Re: Vault 7

        Yeah, that was debunked like a day after it was "reported".

        Do keep up.

        1. Potemkine! Silver badge
        2. Casca Silver badge

          Re: Vault 7

          Sure, good of you to confirm you are a chinese simp

    4. Steve Crook

      Re: Vault 7

      Just because something could be something else, doesn't mean it is.

      Unless you're saying that China (among others) just don't do this sort of thing, so it it must have been a third party. Which all seems to fly in the face of everything Occam held dear...

      1. ExpatZ

        Re: Vault 7

        Yeah, try not to look at reality why dontcha.

        1. This post has been deleted by its author

        2. Anonymous Coward
          Anonymous Coward

          Re: Vault 7

          So the Chinese will happily sacrifice their own people en mass, are currently trying to rewrite Tianmen Square on twitter as a peaceful event - the violence being somehow staged by the West 4 miles away!? - & thousands of people are harvested for organs as punishment for crime, but, they'd never hack a router!

        3. Casca Silver badge

          Re: Vault 7

          lol, your "reality"? No thanks

  3. Anonymous Coward
    Anonymous Coward

    Don't play the game.

    The best security policy is to not connect to the internet. There is way too many connected systems that really don't need to be. Why the hell does my EV need to be constantly connected to the internet?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like