China Hacked Six US Government Networks
US cyber security firm Mandiant (soon to be owned by Google) has identified “at least six U.S. state government networks” that were hacked by a Chinese state-sponsored espionage group known as APT41.
Mandiant says “a persistent months-long campaign” conducted by APT41 used “vulnerable Internet facing web applications as their initial foothold” into the government networks.
“APT41 is a prolific Chinese state-sponsored espionage group known to target organisations in both the public and private sectors and also conducts financially motivated activity for personal gain,” Mandiant reports.
The group used a zero-day vulnerability in the USAHerds application as well as the zero-day in Log4j, which caused chaos last year.
“While the overall goals of APT41’s campaign remain unknown, our investigations into each of these intrusions has revealed a variety of new techniques, malware variants, evasion methods, and capabilities.”