Sophos details five-year struggle against Chinese hackers targeting network devices

Sophos has released a series of reports called "Pacific Rim," detailing a five-year conflict with Chinese hackers targeting networking devices globally. These attacks have involved exploiting vulnerabilities in devices from various manufacturers, including Sophos. The cybersecurity firm attributes these activities to groups like Volt Typhoon, APT31, and APT41/Winnti. Sophos began tracking these threats in 2018, when they first targeted the company's Indian subsidiary, Cyberoam. Over the years, the hackers have improved their tactics, using advanced malware and compromised devices to evade detection. Sophos has also taken proactive measures, deploying implants on compromised devices to gather intelligence on the attackers.