Several U.S. government agencies have reportedly been hit by a cyberattack while Chinese spies appear to have separately infiltrated h...
Several U.S. government agencies have reportedly been hit by a cyberattack while Chinese spies appear to have separately infiltrated hundreds of public and private networks around the world.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said in a statement to CNN that the agency was “providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications.”
It was not immediately clear which government agencies had been impacted or who the culprit was, although a “Russian-speaking ransomware group” reportedly claimed credit for the campaign, which targeted other entities around the world.
CISA Director Jen Easterly told MSNBC that the software that was targeted is used by agencies and companies around the world.
“You know, these vulnerabilities are pretty common in software, and our job is to work with businesses to ensure they have the resources and tools to mitigate that risk,” she said. “Right now, we’re focused specifically on those federal agencies that may be impacted, and we’re working hand-in-hand with them to be able to mitigate that risk. We understand that there are businesses, though, around the world. It’s another ransomware actor known as Clop Ransomware, and they’re basically taking data and looking to extort it.”
Separately, the U.S. cybersecurity firm Mandiant, which is owned by Google, said on Thursday that it believes state-backed Chinese hackers conducted a massive cyberattack on hundreds of private and public networks around the world.
“Mandiant assesses with high confidence that [a suspected China-nexus actor] conducted espionage activity in support of the People’s Republic of China,” the organization said in a statement. “While Mandiant has not attributed this activity to a previously known threat group at this time, we have identified several infrastructure and malware code overlaps that provide us with a high degree of confidence that this is a China-nexus espionage operation.”
The group said that the Chinese hackers focused on targets related to “high policy priorities for the PRC, particularly in the Asia Pacific region including Taiwan.”
ABC News reported that the victims of the Chinese cyberattack included organizations located in the Americas, Asia Pacific, Europe, Middle East, and Africa.