Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Independent UK
The Independent UK
National
Via AP news wire

Cyber firm: At least 6 US state governments hacked by China

Copyright 2022 The Associated Press. All rights reserved

Hackers working on behalf of the Chinese government broke into the computer networks of at least six state governments in the United States in the last year, according to a report released Tuesday by a private cybersecurity firm.

The report from Mandiant does not identify the compromised states or offer a motive for the intrusions, which began last May and continued through last month. But the Chinese group believed responsible for the breaches, APT41, is known to launch hacking operations both for old-fashioned espionage purposes and for financial gain.

“While the ongoing crisis in Ukraine has rightfully captured the world’s attention and the potential for Russian cyber threats are real, we must remember that other major threat actors around the world are continuing their operations as-usual,” said Geoff Ackerman, a principal threat analyst at Reston, Virginia-based Mandiant Inc.

He added in his statement: “We cannot allow other cyber activity to fall to the wayside, especially given our observations that this campaign from APT41, one of the most prolific threat actors around, continues to this day.”

State agencies remain ripe targets for hackers, even as the Biden administration has announced additional steps to safeguard federal government systems from hacking. That's an especially urgent concern in light of the massive SolarWinds espionage campaign in which Russian intelligence operatives exploited supply chain vulnerabilities to break into the networks of at least nine U.S. agencies and dozens of private-sector companies.

In this case, the report says, the hackers exploited a previously unknown vulnerability in an off-the-shelf commercial application used by 18 states for animal health management. In addition, they exploited a software flaw known as Log4j that was discovered in December and that U.S. officials said was possibly present in hundreds of millions of devices. The hackers began exploiting the vulnerability within hours of an advisory that disclosed it to the public, using it to re-compromise two state government networks.

The hackers' “persistence to gain access into government networks, exemplified by re-compromising previous victims and targeting multiple agencies within the same state, show that whatever they are after it is important,” Rufus Brown, a senior threat analyst at Mandiant, said in a statement. "We have found them everywhere, and that is unnerving.”

The report by Mandiant links the hacking to APT41, which was implicated in a 2020 Justice Department indictment that accused Chinese hackers of targeting more than 100 companies and institutions in the U.S. and abroad, including social media and video game companies, universities and telecommunications providers.

“Through all the new, some things remain unchanged: APT41 continues to be undeterred by the U.S. Department of Justice (DOJ) indictment in September 2020,” the report states.

The Chinese government in the past has denied U.S. accusations of hacking.

Mandiant is being acquired by Google in a deal worth $5.4 billion, the companies announced on Tuesday.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.