Published on November 8th, 2021
U.S. cybersecurity firm uncovers hack attacks linked to group with Chinese government ties
Foreign hackers are suspected of compromising organizations in the technology, defense, healthcare, energy and education industries in the U.S. and other countries, cybersecurity firm Palo Alto Networks said late Sunday.
Why it matters: The National Security Agency contributed to Palo Alto Networks’ report amid ongoing efforts to crack down on hackers who’ve been trying to steal critical data from targets including U.S. defense contractors, notes CNN, which first reported the breach.
What they found: “Through global telemetry, we believe that the actor targeted at least 370 Zoho [software] … in the United States alone,” Palo Alto Networks said in a blog post late Sunday of the attack that it said began Sept. 17 and continued through early October.
“Given the scale, we assess that these scans were largely indiscriminate in nature as targets ranged from education to Department of Defense entities,” the post added.
Hackers gained access via a vulnerability in software used to manage network passwords.
“Ultimately, the actor was interested in stealing credentials, maintaining access and gathering sensitive files from victim networks for exfiltration.”
Excerpt from Palo Alto Networks' report
Of note: Cybersecurity company Mandiant found evidence linking the ruling Chinese Communist Party to hack attacks on the U.S. government, businesses and American infrastructure earlier this year.
What they’re saying: NSA Cybersecurity Collaboration Center director Morgan Adamski told CNN the agency is “delivering real-time impact to our partners and the defense of the nation.”
Wendi Whitmore, senior vice president of Palo Alto Networks Unit 42, said in an emailed statement that the research “underscores the importance of rapid patch management, real time threat intelligence sharing, and the ability to rapidly detect new threat activity within environments.”
Whitmore urged organizations that use Zoho software to immediately address any vulnerabilities before resetting passwords.
What to watch: The Biden administration announced last month plans to create a bureau of cyberspace and digital policy and a new envoy to oversee critical and emerging technology in response to the hack attacks, pending congressional approval.