hackers linked to chinese government have invaded state networks in us, security firm says

Hackers linked to China’s Ministry of State Security have spent most of the last year infiltrating and moving freely through state government networks across the United States, according to a report by the cybersecurity firm Mandiant.

Released on Tuesday, the report says that the hacking group known as APT41, whose members are already sought by the FBI for allegedly working on behalf of Beijing to conduct cyberattacks, began targeting at least six state governments starting last spring, and had not let up through the end of February.

“This is a pretty unique switch,” Rufus Brown, a ​​senior threat analyst at Mandiant and the lead author of the report, said about the attacks. “Since May 2021, we’ve seen them just continuously hammer these state governments.”

“It’s very persistent, very continuous, and they keep coming back for whatever they want,” he said. “We likely assess that there are more states affected.”

hackers linked to chinese government have invaded state networks in us, security firm says

US Deputy Attorney General Jeffrey Rosen announcing charges on September 16, 2020, related to a computer intrusion campaign by the APT41 hacking group, which has ties to the Chinese government. Photo: EPA-EFE

Brown declined to disclose which states were attacked. The National Governors Association did not immediately respond to a request for comment.

It is unclear what or how much information APT41 might have stolen from the various state agencies, but the attackers jumped from department to department, and in at least one instance stole a batch of personal identifying information, Brown said.

The report said that the hackers also targeted a Microsoft-based agriculture database used by 18 states to document livestock health, known as USAHerds.

The National Agribusiness Technology Centre, the organisation that runs the USAHerds network, did not immediately respond to a request for comment.

And when a global software bug known as the “log4j vulnerability” was made public late last year – described by a top US cybersecurity official as “the most serious vulnerability I have seen in my decades-long career” – the hackers took less than two days to begin using it to target the state governments, Mandiant reported.

“Stopping them is very hard,” said Brown. “The only thing that really is going to help this is arresting the individuals.”

The cyberattacks against the state governments come as top leaders in China have spoken in recent years about maintaining close ties with individual states – a sort of counterbalance to Beijing’s deteriorating relationship with Washington.

Chinese leader Xi Jinping said in 2020 that his country should work with “American states, local councils and businesses”.

Some state governors have expressed a willingness to maintain strong business ties with China, even as their counterparts in Washington criticise Beijing.

During the administration of former president Donald Trump, then-secretary of state Mike Pompeo warned an association of US governors to be wary of Chinese influence and investment in their states.

“​​The competition with China is not just a federal issue,” he said at the time.

In 2020, the US Department of Justice charged five Chinese nationals and members of the group APT41 with various cybercrime offences, including identity theft, money laundering and computer violations.

The Justice Department said at the time that one of the Chinese nationals charged had boasted that he was protected by the Ministry of State Security, China’s intelligence agency.

Brown, whose firm began the investigation after it was contacted by one of the state governments about suspicious activity in its network, said that based on his investigation, he had “100 per cent” confidence that the attacks were perpetrated by APT41.

Google’s parent company Alphabet announced on Tuesday that it was set to buy Mandiant, which is based in Virgina, for about $5.4 billion USD.

China has denied for years that it has facilitated cyberattacks abroad, and says that it too is a victim of hacking.

On Saturday, in Chinese Premier Li Keqiang’s annual government work report, he called for China to “strengthen cybersecurity, data security, personal information protection”, according to an official summary.

hackers linked to chinese government have invaded state networks in us, security firm says

Chinese Premier Li Keqiang during the opening ceremony of the National People’s Congress at the Great Hall of the People in Beijing on Saturday. Photo: Kyodo

Liu Pengyu, the spokesman for the Chinese embassy in Washington, did not comment on the details of the Mandiant report, but said that China opposes “making groundless accusations against China on cybersecurity and other related issues”.

In the past, China has also been accused of hacking US federal government personnel files, military contractors and news organizations; Washington remains suspicious about Beijing’s commitment to cybersecurity.

Observers have also expressed alarm over a Chinese law passed last year, which orders companies that find cybersecurity vulnerabilities to inform Beijing first before notifying any global cybersecurity organisations.

Mandiant’s report came as US intelligence agencies were testifying to Congress about their annual “threat assessment” document, which called China “the broadest, most active, and persistent cyberespionage threat to US Government and private sector networks”.

“China almost certainly is capable of launching cyberattacks that would disrupt critical infrastructure services within the United States, including against oil and gas pipelines and rail systems,” the document said.

TECH NEWS RELATED

TikTok EU ban on the table if social network doesn’t comply with new laws

TikTok is one of the most popular social networks out there. But TikTok is also a cause of concern for western governments that worry about the company’s ties to the Chinese government. TikTok can’t run on most devices the US government issues, and there has been talk of a ...

View more: TikTok EU ban on the table if social network doesn’t comply with new laws

Don’t Buy a Foldable Until Samsung Brings This Prototype to Life

Samsung Display via The Verge The world of foldable phones is surprisingly stagnant. The Galaxy Z Fold gets a tiny little upgrade every year, and rival phone brands loosely copy Samsung’s homework. But a new Samsung Display prototype called the “Flex In & Out” could turn this narrative on ...

View more: Don’t Buy a Foldable Until Samsung Brings This Prototype to Life

Best free sports streaming apps in 2023

Cutting the cord on cable television is something tons of people have done over the past five years. But that hasn’t proven to be the smartest way to continue to watch sports. Whether it comes from premium sports website subscriptions to keep tabs on your favorite players, or even fantasy ...

View more: Best free sports streaming apps in 2023

Avengers 5 might have Ant-Man in it, Quantumania star teases

The first MCU Phase 5 movie will be Ant-Man and the Wasp: Quantumania, the third installment in the Ant-Man franchise and a film with much higher stakes than the previous episodes. The sequel will deliver the MCU’s first Kang (Jonathan Majors) villain after we met a somewhat good He Who ...

View more: Avengers 5 might have Ant-Man in it, Quantumania star teases

Sharing a Netflix Account? Get Ready to Pay For It

DANIEL CONSTANTE/Shutterstock.com Netflix is about to get serious in its efforts to eliminate freeloaders. If you share a Netflix account with family or friends outside your household, get ready to pay for it. A new “paid sharing” system could roll out starting next month, and you’ll have to pay a ...

View more: Sharing a Netflix Account? Get Ready to Pay For It

‘7 Wonders’ Board Game Gets a New ‘Edifice’ Expansion

Asmodee and Repos Production Board game lovers have a wonderful reason to celebrate today. Board game makers Asmodee and Repos Production announced their latest collaboration: 7 Wonders Edifice, an expansion to the popular board game 7 Wonders. The game launches on February 24th for $29.99. 7 Wonders: Edifice adds ...

View more: ‘7 Wonders’ Board Game Gets a New ‘Edifice’ Expansion

T-Mobile Kicks Off 2023 With Another Data Breach

r.classen / Shutterstock.com In a press release, T-Mobile confirms that it detected a data breach in its systems on January 5th. A “bad actor” managed to steal personal information (but not financial data) from around 37 million customers. This is the eighth T-Mobile data breach since 2018. The hacker ...

View more: T-Mobile Kicks Off 2023 With Another Data Breach

Apple appeals to UK competition watchdog investigation about mobile browser dominance

Apple has filed an appeal against the UK’s competition watchdog regarding its dominance of mobile browsers in the cloud gaming market, reports Reuters. The Competition and Markets Authority started investigating this dominance by the Cupertino firm and Google. Lawyers representing Apple believe the investigation should be reviewed as CMA ...

View more: Apple appeals to UK competition watchdog investigation about mobile browser dominance

Galaxy S23 Ultra release date and specs leak finally reveals everything about the new model

WhatsApp for iOS rolling out the ability to create a chat with yourself

Amazon Prime Music Unlimited changes streaming prices, now matches Apple Music

Deadpool 3 and Secret Wars to feature Fox’s X-Men, according to Marvel insider

Report: OLED iPad Pro still on track for 2024 release, 2026 for MacBook Pro

How to negotiate over practically anything

HomePod 2 praised in exclusive hands-on before launch

M2 Pro MacBook Pro Amazon preorder deal gives you $50 off

What “choice” means for millions of women post-Roe

Singapore FinTech firm Pilon secures $5.2M seed funding led by Wavemaker Partners

Capital Square Partners and Basil Technology team up for $700M tech fund in Asia

This feel-good movie about man’s best friend is dominating Netflix

OTHER TECH NEWS

Top Car News Car News