The internet company said at least 6 US state governments were attacked by China

WASHINGTON (AP) — Hackers working on behalf of the Chinese government broke into the computer networks of at least six state governments in the United States in the last year, according to a report by a private cybersecurity firm. announced on Tuesday.

The report from Mandiant did not identify the countries that were compromised or give a motive for the intrusions, which began in May last year. But the Chinese group believed to be responsible for the breaches, APT41, is known to have launched hacking operations for both old-fashioned espionage purposes and financial gain.

“When crisis in Ukraine has rightfully and potentially captured the world’s attention Russia’s Cyber ​​Threat Geoff Ackerman, principal threat analyst at Reston, Mandiant Inc., based in Virginia.

He added in his statement: “We cannot allow other cyber activity to fall to the curb, especially based on our observation that this campaign is from APT41, one of the threat actors. most popular, continues to this day.”

State agencies remain ripe targets for hackers, even as the Biden administration announced additional steps to protect federal government systems from hacking. It is a particularly urgent concern due to SolarWinds’ massive espionage campaign in which Russian intelligence agents exploited supply chain vulnerabilities to break into the networks of at least nine US agencies and dozens of private sector companies.

In this case, the report said, hackers exploited a previously unknown vulnerability in a commercially available web application used by 18 states to manage animal health.

In addition, they also exploit a software vulnerability known as Log4j was discovered in December, and US officials say it could be in hundreds of millions of devices. Hackers began exploiting the vulnerability within hours of an advisory disclosing it to the public, and late last month they re-infiltrated two previous victims of the US state government, the report said. know.

Rufus Brown, senior threat analyst at Mandiant, “hacker persistence” persists in accessing government networks, as evidenced by re-infiltrating previous victims and targeting into multiple agencies in the same state, showing that whatever they’re after matters.” , said in a statement. “We found them everywhere, and that’s amazing.”

The same hacking group, APT41, is related to a 2020 indictment of the Department of Justice alleged Chinese hackers targeted more than 100 companies and organizations in the US and abroad, including social media and video game companies, universities and telecommunications providers.

“Through all of the new, some things have remained unchanged: APT41 continues to be undeterred by the September 2020 indictment of the United States Department of Justice (DOJ),” the Mandiant report states.

The Chinese government has in the past described itself as a staunch defender of cybersecurity and dismissed US hacking allegations as “baseless” speculation.

Mandiant is acquired by Google in a $5.4 billion deal, the companies announced on Tuesday.