China is involved in the recently found series of hacks targeted against the US government, its critical infrastructure, and some private firms, as stated by Mandiant, a cybersecurity firm on Wednesday. The hack reportedly works towards breaking the Pulse Secure.
Pulse Secure is a business program through which employees connect to their offices remotely. Mandiant released a statement on Tuesday telling people how they can check if they are affected by the hack. The software upgrade to curb the risk won’t be available until May, the company’s statement read.
This hack happens to be the third unique yet serious cyber espionage against the US in recent times, emphasizing the workforce strain at cybersecurity. In January, the US government blamed Russia for hacking nine different government agencies in the country. The hack is believed to have happened through the Texas software company SolarWinds, which is prevalently used by government and business firms in America.
Microsoft accused China in March of the free-for-all program through which different hackers entered into different organizations from all over the world using the company’s Exchange email program.
In all these three events, the hackers began by hacking into the victims’ computer networks using these programs, then planted backdoors to spy on them for many months now, or maybe longer. The CISA (Cybersecurity and Infrastructure Security Agency) of the US issued a warning on Tuesday saying that the recent hacks are “affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations.”
Matt Harman, deputy executive assistant director at CISA said that the agency is very concerned. “In recent months we have issued them with increasing frequency, which is certainly a concern and something we don’t take lightly,” his statement read.
CISA activated the toughest emergency powers since Tuesday, making it mandatory that every civilian agency verify if they are affected by these hacks, and take necessary action to fix them. This move from CISA happens to be the second time in the last seven weeks.
Exchange and SolarWinds have at least tens of thousands of victims. There is a slight indication that China used the Pulse to target more victims. The hack is crucial because it gave China access to significant companies and federal agencies from the US for many months, as per a statement from Mandiant’s Chief Technology Officer Charles Carmakal.
His statement also read that Mandiant noticed a ‘resurgence of espionage activities’ from China. The victims of the recent hack haven’t been disclosed yet. China has opposed the Exchange hacks but hasn’t denied its involvement.