A cyberespionage campaign blamed on China was more sweeping than previously known, with suspected state-backed hackers exploiting a device meant to boost Internet security to penetrate the computers of critical US entities.
The hack of Pulse Connect Secure networking devices came to light in April, but its scope is only now starting to become clear.
The hackers targeted telecommunications giant Verizon and the Metropolitan Water District of Southern California, the US’ largest water agency.
News broke earlier this month that the New York City subway system, the country’s largest, was also breached.
Security researchers said that dozens of other high-value entities that have not yet been named were also targeted as part of the breach of Pulse Secure, which is used by many companies and governments for secure remote access to their networks.
It is unclear what sensitive information, if any, was accessed.
Some of the targets said that they did not see any evidence of data being stolen.
That uncertainty is common in cyberespionage and it can take months to determine data loss, if it is ever discovered.
However, even if sensitive information was not compromised, experts say that it is worrisome that hackers managed to gain footholds in networks of critical organizations whose secrets could be of interest to China for commercial and national security reasons.
“The threat actors were able to get access to some really high-profile organizations, some really well-protected ones,” said Charles Carmakal, head technology officer of Mandiant, whose company first publicized the hacking campaign in April.
China has a long history of using the Internet to spy on the US and presents a “prolific and effective cyberespionage threat,” the US Office of the Director of the National Intelligence said in its most recent annual threat assessment.
The Chinese government has denied any role in the Pulse hacking campaign and the US government has not made any formal attribution.
In the Pulse campaign, security experts said sophisticated hackers exploited never-before-seen vulnerabilities to break in and were hyper diligent in trying to cover their tracks once inside.
“The capability is very strong and difficult to defend against, and the profile of victims is very significant,” BAE Systems Applied Intelligence head of cyber Adrian Nish said. “This is a very targeted attack against a few dozen networks that all have national significance in one way or another.”
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued an April alert about the Pulse hack saying that it was aware of “compromises affecting a number of US government agencies, critical infrastructure entities and other private sector organizations.”
The new details of the Pulse Secure hack come at a time of tension between the US and China.
US President Joe Biden has made checking China’s growth a top priority, and said the country’s ambition of becoming the wealthiest and most powerful country in the world is “not going to happen under my watch.”
ELECTION DISTRACTION? When attention shifted away from the fight against the militants to politics, losses and setbacks in the battlefield increased, an analyst said Recent clashes in Somalia’s semi-autonomous Jubaland region are alarming experts, exposing cracks in the country’s federal system and creating an opening for militant group al-Shabaab to gain ground. Following years of conflict, Somalia is a loose federation of five semi-autonomous member states — Puntland, Jubaland, Galmudug, Hirshabelle and South West — that maintain often fractious relations with the central government in the capital, Mogadishu. However, ahead of elections next year, Somalia has sought to assert control over its member states, which security analysts said has created gaps for al-Shabaab infiltration. Last week, two Somalian soldiers were killed in clashes between pro-government forces and
Ten cheetah cubs held in captivity since birth and destined for international wildlife trade markets have been rescued in Somaliland, a breakaway region of Somalia. They were all in stable condition despite all of them having been undernourished and limping due to being tied in captivity for months, said Laurie Marker, founder of the Cheetah Conservation Fund, which is caring for the cubs. One eight-month-old cub was unable to walk after been tied up for six months, while a five-month-old was “very malnourished [a bag of bones], with sores all over her body and full of botfly maggots which are under the
BRUSHED OFF: An ambassador to Australia previously said that Beijing does not see a reason to apologize for its naval exercises and military maneuvers in international areas China set off alarm bells in New Zealand when it dispatched powerful warships on unprecedented missions in the South Pacific without explanation, military documents showed. Beijing has spent years expanding its reach in the southern Pacific Ocean, courting island nations with new hospitals, freshly paved roads and generous offers of climate aid. However, these diplomatic efforts have increasingly been accompanied by more overt displays of military power. Three Chinese warships sailed the Tasman Sea between Australia and New Zealand in February, the first time such a task group had been sighted in those waters. “We have never seen vessels with this capability
‘NO INTEGRITY’: The chief judge expressed concern over how the sentence would be perceived given that military detention is believed to be easier than civilian prison A military court yesterday sentenced a New Zealand soldier to two years’ detention for attempting to spy for a foreign power. The soldier, whose name has been suppressed, admitted to attempted espionage, accessing a computer system for a dishonest purpose and knowingly possessing an objectionable publication. He was ordered into military detention at Burnham Military Camp near Christchurch and would be dismissed from the New Zealand Defence Force at the end of his sentence. His admission and its acceptance by the court marked the first spying conviction in New Zealand’s history. The soldier would be paid at half his previous rate until his dismissal
RSS