× Startups Business News Education Health Finance Technology Opinion Wealth Rankings Politics Leadership Sport Travels Careers Design Environment Energy Luxury Retail Lifestyle Automotives Photography International Press Release Article Entertainment
×

US vs China: Suspected Chinese Hackers Breach More US defence And Tech Firms

December 2, 2021

A suspected Chinese hacking campaign has breached four more US defence and technology companies in the last month, and hundreds more US organizations are running the type of vulnerable software that the attackers have exploited, according to research result shared.

The apparent espionage activity, which the National Security Agency helped investigate when it emerged in recent months, is more extensive than previously known and has seen the hackers steal passwords from targeted organizations with the goal of intercepting sensitive communications.

The cybersecurity researchers in November publicly confirmed just one victimized US organization, but they now say the number is at least five and could continue to grow.



Several sectors are targeted
Globally, at least 13 organizations total in sectors such as defence, health care, energy and transportation are now confirmed to have been breached, cybersecurity firm Palo Alto Networks warned in a report published Thursday.

Palo Alto Networks identified about 600 cases in the US of systems running a type of vulnerable software that the hackers have exploited. That includes installations at 23 universities, 14 state or local governments and 10 health care organizations, the researchers said.

It's the type of digital spying that the US government has for years tried to expose before it compromises sensitive data related to national security or trade secrets.

The hacking effort shares similarities with the techniques of a group Microsoft has identified as operating in China, Palo Alto Networks said. The ultimate impact of the computer intrusions is not yet clear because investigations of the breaches are ongoing. But Palo Alto Networks' Unit 42 researchers believe the hackers could be trying to gain long-term access to computer systems in order to siphon off key data from US companies.

"This adversary has aggressively targeted organizations in the United States and elsewhere in defense, technology and other critical sectors," Ryan Olson, vice president of Palo Alto Networks' Unit 42 division, commented.

"While we're still learning more about the impact of these attacks, we urge organizations to quickly patch vulnerable systems and follow recommendations for determining whether they've been compromised," Olson said.

The NSA declined to comment on the new research. The US Cybersecurity and Infrastructure Security Agency, which has also sought to blunt the impact of the hacking campaign, referred questions to Palo Alto Networks.



Beijing denies hacking operations
The Chinese Embassy in Washington did not respond to a request for comment. While Beijing routinely denies conducting hacking operations, cybersecurity has been a regular source of tension in US-China relations for years.

The Biden administration in July blamed China for different hacking activities that exploited Microsoft email software and, experts say, exposed organizations across the world to follow-on hacks from cybercriminals.
A senior Biden administration official at the time called it part of "a pattern of irresponsible behaviour in cyberspace" from China. Beijing denied involvement.

The latest suspected Chinese cyber activity does not appear to risk that level of collateral damage. But it still has the attention of senior US cybersecurity officials, who have worked with the researchers to warn potential victim companies.



Hackers shifting approach
The hackers have in recent weeks shifted from exploiting one popular piece of software to another in a quest to compromise more organizations. Fixes are available for both software products, which are made by the multinational technology firm Zoho. But many of the firms' customers have yet to update their systems and remain vulnerable.

If Chinese involvement in the campaign is confirmed, it would add to multiple instances in recent years of alleged Chinese hackers seeking to burrow into the networks of US defence contractors. A 2014 Senate investigation found that Chinese government-linked hackers had breached contractors for US Transportation Command 20 times in one year. The command, which is responsible for the global movement of US troops and military equipment, had been aware of only two of those breaches.












SOURCE: CNN
IMAGE SOURCE: PIXABAY











 
 
  • PAID CONTENT