(Washington Composite Electric) Google's network security company said that hackers suspected of the Chinese government used the loopholes of email security equipment to break into the network of hundreds of public and private institutions around the world, expanding the scope of at least 16 countries.
Google's network security company Mandiant Mandiant reported on Thursday (June 15) that their "highly believes" behind the scenes is a hacker tissue called UNC4841 and engaged in supporting Chinese spy activities.
McGrady's technical director Kamaka issued a statement saying that this is the most widely scope of the Chinese government hacker and the widest network spy activity since Microsoft Exchange, Microsoft Exchange, has been invaded on a large scale in 2021.At that time, the hacker attack destroyed countless computers around the world and affected at least 30,000 American companies and local governments.
More than half of the victims in the Americas in the Asia -Pacific region
According to reports, hackers send emails containing malware to targets, especially for projects that have high importance to Chinese government policies.This wave began in October last year and was discovered in May this year.55 % of the victims are in the Americas, 22 % are in the Asia -Pacific region, and the rest are in Europe, the Middle East, and Africa, including the Ministry of Foreign Affairs of Southeast Asian countries, Taiwan and Hong Kong's Foreign Trade Office and academic units.
The device that is drilled is a barracuda network.After the spy -spy activity was detected last month, the barracuda network quickly filled the loopholes. However, the hacker organization also modified the malicious program and countered it at a high frequency.The barracuda network revealed earlier this month that some email security devices were hacked as early as last October. It is recommended that customers replace these devices in an all -round way.
Microsoft also reported last month that the hacker organization "Volt Typhoon", funded by the Chinese government, has long been locked and invaded the key infrastructure of the United States such as Guam and other territories such as Guam since its operation in mid -2021.
Chinese Ministry of Foreign Affairs: The US Open Security Company assists politics to discredit
China has always denied allegations about launching the Internet.In response to the latest reports, the Chinese Ministry of Foreign Affairs was refuted as false information.
Chinese Foreign Ministry spokesman Wang Wenbin on Friday (16th)Said that this network security company "not only creates false information of the so -called Chinese hacking attack at one time, the relevant content is far -fetched, and there is no professionalism."
He also said that in April this year, the China Internet Security Agency released a historical review report of the American intelligence agency's network attack, revealing the Internet security manufacturers of the US intelligence agencies and differentiation targeting the network security manufacturers of various countries."Today, global network security companies have rarely released cases of US government cyber attacks, but American network security companies continue to compile reports of the so -called network attacks in other countries, which has completely reduced the accomplices of the US government's politics."
In September last year, China accused the US National Security Agency that launched cyber attacks and steal core data against a university in China.
The US Department of Energy said that multiple federal agencies were invaded
On the same day of the report issued by Madian, the US Department of Energy also issued a statement saying that multiple federal agencies were invaded in a global network attack.
Statement said that the hacker obtains access permissions through the security vulnerability of the Moveit Transfer to send software, so that the data of the energy department's two entities was leaked.The network of energy industry giants, Georgia University, John Hopkins University and Johns Hopkins Medical Group have also been invaded.These institutions have stated that they are still investigating and evaluating the situation.
Net security experts first discovered that Moveit was hacked on May 27, and hackers used software vulnerabilities to steal the company's sensitive data.Many large British enterprises and the Canadian provincial governments have also been attacked by the Internet, with thousands of personal information of employees leaked.
It is known that hackers who attacked Moveit software also operated a ransom website called Clop, mainly for medical care and financial fields.