Malware used frequently in cyberattacks against the United States over the past decade has been linked to the Chinese government, according to a new Department of Homeland Security report.
DHS’s Cybersecurity and Infrastructure Security Agency alerted business owners and government officials this week that much of the malware, or software designed to damage a computer or network, planted in attacks on digital networks and devices was used by authorities in China. CISA said its counterparts at the Pentagon and the FBI contributed to the discovery of who was involved in the attacks, though it did not reveal the number or identities of U.S. victims.
“FBI has high confidence that Chinese government actors are using malware variants in conjunction with proxy servers to maintain a presence on victim networks and to further network exploitation,” CISA said in a statement. “CISA, FBI, and DoD are distributing this [Malware Analysis Report] to enable network defense and reduce exposure to Chinese government malicious cyber activity.”
The malware used by Chinese government actors is known as TAIDOOR and can be used to spy on Americans. Cybersecurity firms described to Bloomberg how this malware has been used in attacks on the airline, defense, technology, and government sectors.
The warning comes amid a rise in concern from the Trump administration over how the social media company TikTok may be spying on U.S. users. President Trump has threatened to ban the company pending Microsoft’s buying it out.
