A cyberespionage campaign blamed on China was more sweeping than previously known, with suspected state-backed hackers exploiting a device meant to boost Internet security to penetrate the computers of critical US entities.
The hack of Pulse Connect Secure networking devices came to light in April, but its scope is only now starting to become clear.
The hackers targeted telecommunications giant Verizon and the Metropolitan Water District of Southern California, the US’ largest water agency.
News broke earlier this month that the New York City subway system, the country’s largest, was also breached.
Security researchers said that dozens of other high-value entities that have not yet been named were also targeted as part of the breach of Pulse Secure, which is used by many companies and governments for secure remote access to their networks.
It is unclear what sensitive information, if any, was accessed.
Some of the targets said that they did not see any evidence of data being stolen.
That uncertainty is common in cyberespionage and it can take months to determine data loss, if it is ever discovered.
However, even if sensitive information was not compromised, experts say that it is worrisome that hackers managed to gain footholds in networks of critical organizations whose secrets could be of interest to China for commercial and national security reasons.
“The threat actors were able to get access to some really high-profile organizations, some really well-protected ones,” said Charles Carmakal, head technology officer of Mandiant, whose company first publicized the hacking campaign in April.
China has a long history of using the Internet to spy on the US and presents a “prolific and effective cyberespionage threat,” the US Office of the Director of the National Intelligence said in its most recent annual threat assessment.
The Chinese government has denied any role in the Pulse hacking campaign and the US government has not made any formal attribution.
In the Pulse campaign, security experts said sophisticated hackers exploited never-before-seen vulnerabilities to break in and were hyper diligent in trying to cover their tracks once inside.
“The capability is very strong and difficult to defend against, and the profile of victims is very significant,” BAE Systems Applied Intelligence head of cyber Adrian Nish said. “This is a very targeted attack against a few dozen networks that all have national significance in one way or another.”
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued an April alert about the Pulse hack saying that it was aware of “compromises affecting a number of US government agencies, critical infrastructure entities and other private sector organizations.”
The new details of the Pulse Secure hack come at a time of tension between the US and China.
US President Joe Biden has made checking China’s growth a top priority, and said the country’s ambition of becoming the wealthiest and most powerful country in the world is “not going to happen under my watch.”
Showcasing phallus-shaped portable shrines and pink penis candies, Japan’s annual fertility festival yesterday teemed with tourists, couples and families elated by its open display of sex. The spring Kanamara Matsuri near Tokyo features colorfully dressed worshipers carrying a trio of giant phallic-shaped objects as they parade through the street with glee. The festival, as legend has it, honors a local blacksmith in the Edo Period (1603-1868) who forged an iron dildo to break the teeth of a sharp-toothed demon inhabiting a woman’s vagina that had been castrating young men on their wedding nights. A 1m black steel phallus sits in the courtyard of
JAN. 1 CLAUSE: As military service is voluntary, applications for permission to stay abroad for over three months for men up to age 45 must, in principle, be granted A little-noticed clause in sweeping changes to Germany’s military service policy has triggered an uproar after it emerged that the law requires men aged up to 45 to get permission from the armed forces before any significant stay abroad, even in peacetime. The legislation, which went into effect on Jan. 1 aims to bolster the military and demands all 18-year-old men fill out a questionnaire to gauge their suitability to serve in the armed forces, but stops short of conscription. If the “modernized” model fails to pull in enough recruits, parliament will be compelled to discuss the reintroduction of compulsory service, German
Filipino farmers like Romeo Wagayan have been left with little choice but to let their vegetables rot in the field rather than sell them at a loss, as rising oil prices linked to the Iran war drive up the cost of harvesting, labor and transport. “There’s nothing we can do,” said Wagayan, a 57-year old vegetable farmer in the northern Philippine province of Benguet. “If we harvest it, our losses only increase because of labor, transportation and packing costs. We don’t earn anything from it. That’s why we decided not to harvest at all,” he said. Soaring costs caused by the Middle East
Hungarian Prime Minister Viktor Orban’s officially declared wealth is fairly modest: some savings and a jointly owned villa in Budapest. However, voters in what Transparency International deems the EU’s most corrupt country believe otherwise — and they might make Orban pay in a general election this Sunday that could spell an end to his 16-year rule. The wealth amassed by Orban’s inner circle is fueling the increasingly palpable frustration of a population grappling with sluggish growth, high inflation and worsening public services. “The government’s communication machine worked well as long as our economic situation remained relatively good,” said Zoltan Ranschburg, a political analyst
RSS