WASHINGTON, June 15 (AP) — Suspected state-backed Chinese hackers exploited a security flaw in a popular email security appliance to break into the networks of hundreds of public and private sector organizations around the world, nearly a third of them Government agencies, including the Ministry of Foreign Affairs, cybersecurity firm Mandiant said on Thursday.
“This is the most extensive known attack by a China-linked threat actor since the massive exploitation of Microsoft Exchange in early 2021,” Mandiant Chief Technology Officer Charles Carmakal said in an emailed statement. cyber-espionage.” That hack compromised tens of thousands of computers around the world.
In a blog post on Thursday, Google-owned Mandiant said it has “high confidence” that a group exploiting a software vulnerability in Barracuda Networks’ email security gateway is engaging in “espionage in support of the People’s Republic of China.” It said the campaign started as early as October.
Hackers send emails with malicious file attachments to gain access to targeted organizations’ devices and data, Mandiant said. Of these organizations, 55 percent were from the Americas, 22 percent from the Asia-Pacific region, and 24 percent from EMEA, which included foreign ministries in Southeast Asia, foreign trade offices and academic organizations in Taiwan and Hong Kong, the company said.
Mandiant said the major impact in the Americas may in part reflect the geography of Barracuda’s customer base.
Barracuda announced on June 6 that some of its email security appliances had been hacked back in October, giving the intruders a backdoor into the compromised network.
The hacking was so severe that the California company recommended a complete replacement of the devices.
After discovering it in mid-May, Barracuda released containment and remediation patches, but the hacker group identified by Mandiant as UNC4841 altered their malware to try to maintain access, Mandiant said.
The group then “conducted high-frequency operations against a number of victims located in at least 16 different countries.”
At the organizational and individual account levels, the focus is on issues that are high policy priorities for China, particularly in the Asia-Pacific region, Mandiant said.
It said hackers searched the email accounts of people working for governments with political or strategic interests in China while they were attending diplomatic meetings with other countries.
The U.S. government has accused Beijing of being its main cyber espionage threat, with state-backed Chinese hackers stealing data from the private and public sectors.
China says the United States also engages in cyber espionage against China, hacking into the computers of its universities and companies. (Associated Press)
(This is an unedited and auto-generated story from a Syndicated News feed, the content body may not have been modified or edited by LatestLY staff)