NATIONAL NEWS

Cybersecurity firm says Chinese hackers breached six US state agencies

Mar 8, 2022, 10:32 AM | Updated: Jun 8, 2022, 3:18 pm

View of the office building of the Ministry of Public Security of the Peoples Republic of China (MS...

View of the office building of the Ministry of Public Security of the Peoples Republic of China (MSS) in Beijing, China, 16 August 2008. No Use China. No Use France.

(MSS)

(CNN) — A Chinese government-backed hacking group has breached local government agencies in at least six US states in the last 10 months as part of a persistent information-gathering operation, investigators at cybersecurity firm Mandiant said Tuesday.

The wide range of state agencies targeted include “health, transportation, labor (including unemployment benefit systems), higher education, agriculture, and court networks and systems,” the FBI and US Cybersecurity and Infrastructure Security Agency (CISA) said in a separate, private advisory to state governments obtained by CNN.

For agencies in two states, the hackers broke into networks using a critical software flaw that was revealed in December just as the Biden administration was scrambling to respond to the flaw’s discovery, according to Mandiant.

The revelation shows how difficult it can be to keep state-backed hackers from accessing US networks — even when US officials are sounding the alarm about a potential threat. And it’s a reminder that as many analysts are watching for Russian cyber threats during the Ukraine war, other foreign governments aren’t letting up in targeting US networks.

The hackers’ motives aren’t clear, but their victims are “consistent with an espionage operation,” the firm said. The list of state agencies affected by the hacking could grow as the investigation continues.

CISA on December 10 publicly warned that Log4J — software used by big tech firms around the world — had a vulnerability that hackers could easily exploit to gain further access to computer systems.

Hundreds of millions of computers around the world ran the vulnerable software, US officials later estimated. For weeks, US officials urged companies to update their software; the White House hosted a meeting in January with tech executives to try to address the root problem of software that is not secure by design.

Within hours of the CISA advisory, the Chinese hackers had begun using the Log4J flaw to break into the two US state agencies, according to Mandiant. Agencies in four other states were hacked via other means.

In one state, Mandiant said, the hackers accessed personal data on some Americans, including names, email addresses and mobile phone numbers. Mandiant declined to name the US states or agencies affected.

While the hackers’ ultimate objectives are unclear, state agencies could provide a wealth of useful information to foreign spies, whether data related to elections or government contracting.

“This campaign is likely still going on. [The hackers] probably haven’t completed their mission,” said Rufus Brown, senior threat analyst at Mandiant’s Advanced Practices team.

The hackers have used multiple methods to access the state agency networks, and in some cases have returned to the same compromised network after Mandiant specialists contained the activity.

CNN has asked CISA to comment.

Mandiant blamed the hacking campaign on a group that the Justice Department has linked with China’s civilian intelligence agency. That hacking group, according to a US indictment unsealed in September 2020, has been linked to attempts to breach hundreds of organizations around the world, from hardware makers to pro-democracy politicians in Hong Kong.

“We firmly oppose and combat cyberattacks of any kind,” Chinese Embassy in Washington spokesperson Liu Pengyu said in an email. “We oppose making groundless accusations against China on cyber security and other related issues.”

While Russian spying operations, such as the so-called SolarWinds hacking campaign, have gained considerable attention, analysts say Chinese hacking continues to pose a challenge to the Biden administration’s efforts to defend government networks. Suspected Chinese hackers compromised at least five US defense and technology firms in an apparent espionage effort, CNN reported in December.

KSL 5 TV Live

National News

President Joe Biden speaks in the Diplomatic Reception Room of the White House, Thursday, Feb. 8, 2...

Farnoush Amiri, Associated Press

House Republicans invite President Biden to testify at public hearing as impeachment inquiry stalls

House Republicans have invited President Joe Biden to testify before Congress on their stalled monthslong impeachment inquiry.

1 hour ago

FILE - Eggs are displayed on store shelves at a local grocery store in Chandler, Ariz., Jan. 21, 20...

Dee-Ann Burrin, AP Business Writer

What’s keeping egg prices high for Easter? It’s not just inflation

Egg prices are at near-historic highs in many parts of the world as Easter and Passover approach.

3 hours ago

Kia has recalled 427,407 of its Telluride SUVs because they can roll away while in park....

Samantha Delouya, CNN

Kia recalls more than 400,000 Telluride SUVs that can move while in park

All Telluride vehicles made between 2020 and 2023 and certain 2024 models are affected by the recall.

3 hours ago

Consumers hunting for Easter eggs and chocolate bunnies this year can expect sticker shock...

John Towfighi, CNN

As cocoa prices soar this Easter, chocolatiers consider alternatives

Consumers hunting for Easter eggs and chocolate bunnies this year can expect sticker shock.

6 hours ago

Post reading "Wall Street"...

Stan Choe, AP Business Writer

Stock market today: Wall Street rises to more records to close out its latest winning month

The stock market has been on a nearly unstoppable run since late October, and the S&P 500 just capped its fifth straight winning month.

7 hours ago

NEW YORK, NEW YORK - FEBRUARY 03: Larry David, comedian, writer, actor, and television producer loo...

Alli Rosenbloom, CNN

Don’t bother Larry David with menial pleasantries. He’s not interested

Just like the version of himself that he plays on “Curb Your Enthusiasm,” there are some things in life that Larry David can’t be bothered with.

8 hours ago

Sponsored Articles

Women hold card for scanning key card to access Photocopier Security system concept...

Les Olson

Why Printer Security Should Be Top of Mind for Your Business

Connected printers have vulnerable endpoints that are an easy target for cyber thieves. Protect your business with these tips.

Modern chandelier hanging from a white slanted ceiling with windows in the backgruond...

Lighting Design

Light Up Your Home With These Top Lighting Trends for 2024

Check out the latest lighting design trends for 2024 and tips on how you can incorporate them into your home.

Technician woman fixing hardware of desktop computer. Close up....

PC Laptops

Tips for Hassle-Free Computer Repairs

Experiencing a glitch in your computer can be frustrating, but with these tips you can have your computer repaired without the stress.

Close up of finger on keyboard button with number 11 logo...

PC Laptops

7 Reasons Why You Should Upgrade Your Laptop to Windows 11

Explore the benefits of upgrading to Windows 11 for a smoother, more secure, and feature-packed computing experience.

Stylish room interior with beautiful Christmas tree and decorative fireplace...

Lighting Design

Create a Festive Home with Our Easy-to-Follow Holiday Prep Guide

Get ready for festive celebrations! Discover expert tips to prepare your home for the holidays, creating a warm and welcoming atmosphere for unforgettable moments.

Battery low message on mobile device screen. Internet and technology concept...

PC Laptops

9 Tips to Get More Power Out of Your Laptop Battery

Get more power out of your laptop battery and help it last longer by implementing some of these tips from our guide.

Cybersecurity firm says Chinese hackers breached six US state agencies