Security News > 2021 > June > Critical Entities Targeted in Suspected Chinese Cyber Spying
A cyberespionage campaign blamed on China was more sweeping than previously known, with suspected state-backed hackers exploiting a device meant to boost internet security to penetrate the computers of critical U.S. entities.
The Pulse Secure hack has largely gone unnoticed while a series of headline-grabbing ransomware attacks have highlighted the cyber vulnerabilities to U.S. critical infrastructure, including one on a major fuels pipeline that prompted widespread shortages at gas stations.
The U.S. government is also still investigating the fallout of the SolarWinds hacking campaign launched by Russian cyber spies, which infiltrated dozens of private sector companies and think tanks as well as at least nine U.S. government agencies and went on for most of 2020.
Last year the Justice Department charged two hackers it said worked with the Chinese government to target firms developing vaccines for the coronavirus and stole hundreds of millions of dollars worth of intellectual property and trade secrets from companies across the world.
The Chinese government has denied any role in the Pulse hacking campaign and the U.S. government has not made any formal attribution.
The Department of Homeland Security's Cybersecurity & Infrastructure Security Agency, or CISA, issued an April alert about the Pulse hack saying it was aware of "Compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations." The agency has since said that at least five federal agencies have identified indications of potential unauthorized access, but not said which ones.