China APT41 is back. Reports have it that six state governments in the United States were compromised last year. The Chinese-backed hacker group was said to have broken into the computer networks of these states, according to a report from Google’s newly acquired Mandiant.
Despite the announcement that the United States of America will be beefing up its cybersecurity, state agencies remain the primary targets for hackers. Following the massive espionage campaign by Russian intelligence operatives that led to the exploitation of up to nine U.S. agencies and dozens of private-sector companies, the need for tighter cyberspace could not be overemphasized.
The most recent hacks took place due to an unknown vulnerability in an off-the-shelf commercial web application used by 18 states for animal health management. Commenting on the breach, Mandiant threat analyst Geoff Ackerman said that we must remember that other major threat actors around the world are continuing their operations as-usual.
He made these statements while taking into consideration the ongoing crisis in Ukraine and added that it would make no sense to overlook other threats, especially from APT41. The analyst describe the group as one of the most prolific threat actors around, even to this day.
They rightly feared as the same hacking group was implicated in a 2020 Justice Department indictment that accused Chinese hackers of targeting more than 100 companies and institutions in the U.S. and abroad, including social media and video game companies, universities and telecommunications providers.
What Do China-Backed Hackers Hope to Gain?
Mandiant did not identify the compromised states or offer a motive for the intrusions, which began last May. But the Chinese group believed to be responsible for the breaches, APT41, is known to launch hacking operations both for old-fashioned espionage purposes and for financial gain.
More pressure on the U.S., as a previous report has it that there has been an increase in cyber attacks since the U.S. and its allies imposed sanctions on the said aggressor.
