The success of the campaign is an example of the danger software flaws pose even years after they are discovered. Zero-day attacks arehacks that exploit previously unknown weaknesses. Network and devices can be hard to update and secure with limited resources and money.
Rob Joyce explained that the advisory was meant to give step-by-step instructions on finding and expelling the hackers. He said that to kick the Chinese hackers out, we must understand the tradecraft.
The advisory directed telecom firms to keep their systems up-to-date and to reduce the exposure of their networks to the internet.
The hackers were able to access the network and break into the server because of the knowledge they had. They stole usernames and passwords, changed the routers, and copied traffic from the network to their own machines. They were able to spy on almost everything inside the organizations.
The attackers deleted log files on every machine they touched in order to destroy evidence. Despite the attackers trying to cover their tracks, US officials didn't explain how they discovered the hacks.
The Americans left out details about which hacking groups they are accusing of being from the Chinese government.
The advisory is yet another alarm raised by the United States about China. FBI Deputy Director Paul Abbate said in a recent speech that China “conducts more cyber intrusions than all other nations in the world combined.” The Chinese government routinely denies they engage in any hacking campaigns against other countries. The Chinese embassy in Washington, DC did not respond to a request for comment.