Cybersecurity Firm Says Chinese Hackers Breached Six US State Agencies
An anonymous reader quotes a report from CNN: A Chinese government-backed hacking group has breached local government agencies in at least six US states in the last 10 months as part of a persistent information-gathering operation, investigators at cybersecurity firm Mandiant said Tuesday. The wide range of state agencies targeted include "health, transportation, labor (including unemployment benefit systems), higher education, agriculture, and court networks and systems," the FBI and US Cybersecurity and Infrastructure Security Agency (CISA) said in a separate, private advisory to state governments obtained by CNN. For agencies in two states, the hackers broke into networks using a critical software flaw that was revealed in December just as the Biden administration was scrambling to respond to the flaw's discovery, according to Mandiant. The hackers' motives aren't clear, but their victims are "consistent with an espionage operation," the firm said. The list of state agencies affected by the hacking could grow as the investigation continues. CISA on December 10 publicly warned that Log4J -- software used by big tech firms around the world -- had a vulnerability that hackers could easily exploit to gain further access to computer systems. Hundreds of millions of computers around the world ran the vulnerable software, US officials later estimated. For weeks, US officials urged companies to update their software; the White House hosted a meeting in January with tech executives to try to address the root problem of software that is not secure by design. Within hours of the CISA advisory, the Chinese hackers had begun using the Log4J flaw to break into the two US state agencies, according to Mandiant. Agencies in four other states were hacked via other means. In one state, Mandiant said, the hackers accessed personal data on some Americans, including names, email addresses and mobile phone numbers. Mandiant declined to name the US states or agencies affected.
While the hackers' ultimate objectives are unclear, state agencies could provide a wealth of useful information to foreign spies, whether data related to elections or government contracting. Mandiant blamed the hacking campaign on a group that the Justice Department has linked with China's civilian intelligence agency. That hacking group, according to a US indictment unsealed in September 2020, has been linked to attempts to breach hundreds of organizations around the world, from hardware makers to pro-democracy politicians in Hong Kong.