Research published by cybersecurity firm Mandiant said that a Chinese state-sponsored hacking group successfully compromised the computer networks of at least six US state governments between May 2021 and February this year.
According to Mandiant, the hacking group APT41 exploited vulnerabilities in web applications to get their initial foothold into state government networks.
“APT41′s recent activity against U.S. state governments consists of significant new capabilities, from new attack vectors to post-compromise tools and techniques. APT41 can quickly adapt their initial access techniques by re-compromising an environment through a different vector or by rapidly operationalizing a fresh vulnerability,” Mandiant researchers said on Tuesday.
Other researchers, including from BlackBerry, have previously identified APT41 as “a prolific Chinese state-sponsored cyber threat group.”
Last month, FBI Director Christopher Wray accused the Chinese government of “trying to steal” information and technology and launching cyberattacks.
Last year, the US, European Union, NATO, and other allies blamed China for the massive cyberattack on Microsoft Exchange email servers, which Zhao Lijin, China’s foreign ministry spokesperson, denied.
“China firmly opposes and combats any form of cyberattacks and will not encourage, support, or condone any cyberattacks,” Zhao said in July.
In September 2020, the US Department of Justice indicted five Chinese nationals, some it said were part of APT41, with computer intrusions affecting over 100 victim companies in the US and abroad.
Meanwhile, Google said it plans to acquire Mandiant, a Nasdaq-listed cybersecurity firm based in the US, for around $5.4 billion.
© Fourth Estate
® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.