Hackers paid by the Chinese government infiltrated the computer networks of at least six state governments in the United States last year, according to a report released Tuesday by a private cybersecurity firm.
The hacks, which exploited vulnerable web applications from last May and continued through February, were identified by Mandiant, a well-known American cybersecurity firm.
The Mandiant report doesn’t identify the compromised states or the motive for the attacks, but the firm says that Chinese group APT41, an entity known to hack for espionage and financial gain, is responsible for the breaches.
“While the ongoing crisis in Ukraine has rightfully captured the world’s attention and the potential for Russian cyber threats are real, we must remember that other major threat actors around the world are continuing their operations as usual,” Geoff Ackerman, a principal threat analyst at Mandiant, said in a statement.
“We cannot allow other cyber activity to fall to the wayside, especially given our observations that this campaign from APT41, one of the most prolific threat actors around, continues to this day,” he added.
FBI INVESTIGATING 100 TYPES OF RANSOMWARE, MANY FROM RUSSIAN HACKERS
The report highlights that hackers exploited a commercial application used by 18 states for animal health management and that the hackers exploited the vulnerability within hours of a public announcement in December that there was a software flaw in the open-source logging code.
The hacking group APT41, which U.S. officials have previously tied to Beijing’s Ministry of State Security, was also implicated in a 2020 Justice Department indictment that blamed Chinese hackers for attacking over 100 organizations in the U.S. and elsewhere.
“APT 41 continues to pose a significant threat to public and private organizations alike around the world,” said Ackerman. “We have found them everywhere, and that is unnerving.”
Despite cyberattacks being a common problem in the past decade, it is only the series of massive attacks on the computer systems of the federal government, the Colonial Pipeline, and the meat producer JBS in 2021 that have brought mainstream awareness to the need for increased cybersecurity by governments and businesses.
CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER
In the past, the Chinese government has denied U.S. accusations of being involved in hacks.
