According to cybersecurity firm Mandiant, a major cyber espionage campaign targeting government agencies linked to Beijing is being conducted by online attackers with clear connections to China.
Mandiant’s Chief Technology Officer, Charles Carmakal, described it as the most extensive cyber espionage campaign attributed to a China-affiliated threat actor since the mass exploitation of Microsoft Exchange in early 2021.
The attackers managed to breach the computer defenses of hundreds of organizations, gaining unauthorized access to sensitive information, including the emails of prominent individuals involved in matters of interest to the Chinese government.
Mandiant’s report expressed “high confidence” that a group identified as UNC4841 was responsible for this expansive espionage campaign, which was carried out in support of the People’s Republic of China.
The targeted victims spanned at least 16 countries and encompassed both public and private sector organizations worldwide. The campaign specifically focused on issues of significant policy importance to the Chinese government, with particular emphasis on the Asia-Pacific region and Taiwan.
The report identified various victims, including foreign ministries, research organizations, and foreign trade missions situated in Hong Kong and Taiwan.
The cyber attacks employed malicious code embedded in email messages, taking advantage of a vulnerability in Barracuda software used for screening and ensuring email safety.
The campaign was first detected in May, but it is believed to have originated as early as October of the previous year. Some compromised systems continue to exhibit signs of ongoing malware activity, as confirmed by Barracuda.
In 2021, a separate hack targeting Microsoft Exchange, which was attributed to a hacker group backed by Beijing, affected over 30,000 organizations in the United States, including businesses and local governments.
CNN reported that multiple US federal agencies were simultaneously dealing with an apparent cyber attack on Thursday. The details regarding the nature of the attack and its possible connection to other incidents were not provided in the report.
However, several security experts with a history of working closely with US federal agencies have tweeted that there is a very strong possibility that the same attackers, hacked into the US federal agencies.
Read all the Latest News, Trending News, Cricket News, Bollywood News,
India News and Entertainment News here. Follow us on Facebook, Twitter and Instagram.
0 Comments: