Cybersecurity Firm Says China-Linked Hackers Targeted US Government Agencies


A cybersecurity firm has revealed that government agencies in at least six US states have been targeted by China-linked hackers in the past two months. Investigators from cybersecurity firm Mandiant claimed the hacking group was backed by the Chinese government and breached local government agencies in the United States as part of an information-gathering operation, CNN reported. The hackers reportedly used different means to gain access to the networks of state agencies.

Mandiant revealed that hackers used a critical software flaw to breach agency networks in two states in December. The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) revealed in a statement that the targeted state agencies include “health, transportation, higher education, agriculture, networks and systems judicial”. CNN reported citing private advice to state governments. The cybersecurity firm revealed that the motive behind the targeting of US state government agencies is unclear, however, the hacking group’s targets are “consistent with a spy operation”.

Hackers accessed personal data of some Americans: cybersecurity firm

According to reports, the state agencies that are targeted by the hacking group may increase as the investigation continues. According to Mandiant, hackers in one state accessed the personal data of some people in the United States and the information included their names, email addresses and cell phone. The cybersecurity firm did not reveal the names of the states targeted by the hackers. China-linked hackers had started using the Log4J flaw to breach the two US state agencies while the other four states were being hacked with different methods.

CISA calls on state agencies to report the case

Rufus Brown, a senior threat analyst with Mandiant’s Advanced Practices team, revealed that the hackers were continuing their “campaign” and it appears that they have not yet completed their “mission”, according to the report. Mandiant claimed the hack was carried out by a group the Justice Department linked to China’s civilian intelligence agency. A spokesperson for the US Cybersecurity and Infrastructure Security Agency (CISA) said CNN that CISA is working with the Joint Cyber ​​Defense Collaborative which includes Mandiant and government partners to resolve the issue. The spokesperson even told state agencies that were targeted by the hackers to report it to CISA.

Image: Unsplash/Representative


Leave A Reply