CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) released a joint Cybersecurity Advisory (CSA) providing the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors. PRC state-sponsored cyber actors continue to exploit known vulnerabilities to actively target U.S. and allied networks, including software and hardware companies to illegally obtain intellectual property and develop access into sensitive networks. Likewise, these state-sponsored actors continue to use virtual private networks (VPNs) to obfuscate their activities and target web-facing applications to establish initial access.

CISA, the FBI, and the NSA urge U.S. and allied governments, critical infrastructure, and private sector organizations to apply the recommendations listed in the Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors to increase their defensive posture and reduce the threat of compromise from PRC state-sponsored malicious cyber actors.

Members are encouraged to review the details included in Activity Alert AA22-279A, including the list of top CVEs for products used in your environment and address accordingly. The CVEs disclosed include 2019 through present year. Most of the exploitation is of products that are widely used across all sectors, including water and wastewater. Access the Joint Cybersecurity Advisory at CISA.

Incident Reporting

Members are encouraged to report incidents and suspicious activities, first to local and other law enforcement authorities and then to WaterISAC by emailing analyst@waterisac.org, calling 866-H2O-ISAC, or using the online incident reporting form.