Connect with us

Hi, what are you looking for?

Politics

Cybersecurity firm says Chinese hackers breached six US state agencies

The wide range of state agencies targeted include “health, transportation, labor (including unemployment benefit systems), higher education, agriculture, and court networks and systems,” the FBI and US Cybersecurity and Infrastructure Security Agency (CISA) said in a separate, private advisory to state governments obtained by CNN.

For agencies in two states, the hackers broke into networks using a critical software flaw that was revealed in December just as the Biden administration was scrambling to respond to the flaw’s discovery, according to Mandiant.

The revelation shows how difficult it can be to keep state-backed hackers from accessing US networks — even when US officials are sounding the alarm about a potential threat. And it’s a reminder that as many analysts are watching for Russian cyber threats during the Ukraine war, other foreign governments aren’t letting up in targeting US networks.

The hackers’ motives aren’t clear, but their victims are “consistent with an espionage operation,” the firm said. The list of state agencies affected by the hacking could grow as the investigation continues.

CISA on December 10 publicly warned that Log4J — software used by big tech firms around the world — had a vulnerability that hackers could easily exploit to gain further access to computer systems.
Hundreds of millions of computers around the world ran the vulnerable software, US officials later estimated. For weeks, US officials urged companies to update their software; the White House hosted a meeting in January with tech executives to try to address the root problem of software that is not secure by design.
Within hours of the CISA advisory, the Chinese hackers had begun using the Log4J flaw to break into the two US state agencies, according to Mandiant. Agencies in four other states were hacked via other means.

In one state, Mandiant said, the hackers accessed personally data on some Americans, including names, email addresses and mobile phone numbers. Mandiant declined to name the US states or agencies affected.

While the hackers’ ultimate objectives are unclear, state agencies could provide a wealth of useful information to foreign spies, whether data related to elections or government contracting.

“This campaign is likely still going on. [The hackers] probably haven’t completed their mission,” said Rufus Brown, senior threat analyst at Mandiant’s Advanced Practices team.

The hackers have used multiple methods to access the state agency networks, and in some cases have returned to the same compromised network after Mandiant specialists contained the activity.

CNN has asked CISA to comment.

Mandiant blamed the hacking campaign on a group that the Justice Department has linked with China’s civilian intelligence agency. That hacking group, according to a US indictment unsealed in September 2020, has been linked to attempts to breach hundreds of organizations around the world, from hardware makers to pro-democracy politicians in Hong Kong.

“We firmly oppose and combat cyberattacks of any kind,” Chinese Embassy in Washington spokesperson Liu Pengyu said in an email. “We oppose making groundless accusations against China on cyber security and other related issues.

While Russian spying operations, such as the so-called SolarWinds hacking campaign, have gained considerable attention, analysts say Chinese hacking continues to pose a challenge to the Biden administration’s efforts to defend government networks. Suspected Chinese hackers compromised at least five US defense and technology firms in an apparent espionage effort, CNN reported in December.

Click to comment

Leave a Reply

Your email address will not be published.

You May Also Like

Politics

Within hours, his White House aides insisted that the President’s comments did not constitute any official US policy change, despite the fact that Biden...

Politics

“I think Twitter is going down,” he wrote on his Truth Social social media platform. “Bots, Spam, Fake Accounts (and more!), all add up...

Politics

The President argued the US has made “significant progress” in its recovery from the coronavirus pandemic, which he said has put America in a...

Politics

“Alone, you can only do so much. Any one of us can only do so much,” said Biden in remarks at the Ecuadorean presidential...

Politics

“Don’t believe the polling,” Kemp told a crowd Saturday near his hometown of Athens. But behind the mask of caution, Kemp and his team...

Politics

“We have had this monkeypox in large numbers in the past. We have vaccines to take care of it,” Biden said during a visit...

Politics

“Look, here’s the situation,” Biden told reporters during a joint press conference with Japanese Prime Minister Fumio Kishida in Tokyo. “We agree with the...

Politics

“You’re going to have a lot of very strong Trump supporters who are going to vote for Brian Kemp,” said Martha Zoller, a talk...