A subsidiary of Google in the United States reported on the 15th that the network systems of hundreds of governments, enterprises and academic institutions around the world are being invaded by Chinese-backed hacker groups. What are the allegations? How do hacker groups exploit vulnerabilities through email devices?
(Deutsche Welle Chinese Network) Google's information security company Mandiant said on Thursday (June 15) that a hacker group suspected of being supported by the Chinese government found a vulnerability in a popular email security device. The vulnerability allowed it to break into the networks of hundreds of public and private sector organizations around the world, nearly a third of which are government agencies, including diplomatic services.
Mandiant pointed out in a blog post that it is "highly confident" that the actor behind the intrusions is a hacker group called "UNC4841" that is engaged in "espionage activities in support of China."
The hackers send emails containing malicious files to gain access to the devices and data of targeted organizations, especially for projects "of high policy importance to the Chinese government," the report said.
Fifty-five percent of victims were from the Americas, 22 percent from the Asia-Pacific region, and 24 percent from Europe, the Middle East and Africa. These include the foreign ministries of Southeast Asian countries, foreign trade offices and academic units in Taiwan and Hong Kong.
The exploited device was Barracuda Networks' Email Security Gateway, Mandiant said. In May of this year, Barracuda Networks detected espionage activities and released containment and remediation patches to close the vulnerability. However, the hacker group immediately modified its malware and "counterattacked with high-frequency operations, and victims were located in at least 16 countries."
Barracuda Networks said in early June that some of its email security devices had been hacked as early as October, giving intruders a backdoor for cyberattacks. The company announced at the time that the hack was "very serious" and advised customers to completely replace the devices.
Cyberattack incidents keep emerging
Mandiant Chief Technology Officer Charles Carmakal also stated via email on the 15th that this is the largest cyber espionage operation involving Chinese organizations since Microsoft's enterprise-class email platform Microsoft Exchange was hacked on a large scale at the beginning of 2021.
The Microsoft Exchange hack affected at least 30,000 American businesses and local governments at the time; the hacking group behind the case is accused of being backed by Beijing.
Mandiant's report coincided with reports that U.S. federal agencies were fending off another cyberattack. CNN reported on Thursday (15th) that Russian cybercriminals used software vulnerabilities to carry out global cyberattacks. In addition to the U.S. federal government agencies being hit, hundreds of U.S. companies and organizations have also been affected.
Months ago, Microsoft also presented a report saying a hacker group backed by the Chinese government is targeting critical U.S. infrastructure and could try to disrupt critical communications between the U.S. and Asia amid a potential conflict across the Taiwan Strait. At that time, Beijing countered that the United States and its allies were spreading false information, criticizing the United States as the "hacking mission".
Agence France-Presse reported on the 15th that China has always denied hacking allegations and has accused the United States of conducting cyber espionage against China and hacking into the computer systems of its universities and companies.
(Reuters, Associated Press, CNN)
© 2023 Deutsche Welle Copyright Statement: All content in this article is protected by copyright law and may not be used without special authorization from Deutsche Welle. Any wrongdoing will result in recovery and be subject to criminal prosecution.