Security News > 2024 > March > US sanctions APT31 hackers behind critical infrastructure attacks
The U.S. Treasury Department has sanctioned a Wuhan-based company used by the Chinese Ministry of State Security as cover in attacks against U.S. critical infrastructure organizations.
The Office of Foreign Assets Control has also designated two Chinese nationals linked to the APT31 Chinese state-backed hacking group and who worked as contractors for the Wuhan Xiaoruizhi Science and Technology Company, Limited MSS front company for their involvement in the same attacks and "Endangering U.S. national security."
The United Kingdom also sanctioned Wuhan XRZ and the two APT31 operatives for targeting UK parliamentarians, hacking the GCHQ intelligence agency, and breaching the UK's Electoral Commission systems.
In July 2021, the U.S. and its allies, including the European Union, the United Kingdom, and NATO, also officially blamed the MSS-linked Chinese state-backed APT40 and APT31 threat groups for a widespread Microsoft Exchange hacking campaign.
Chinese hackers hid in US infrastructure network for 5 years.
CISA shares critical infrastructure defense tips against Chinese hackers.
News URL
Related news
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- Public anxiety mounts over critical infrastructure resilience to cyber attacks (source)
- CISA shares critical infrastructure defense tips against Chinese hackers (source)
- US critical infrastructure cyberattack reporting rules inch closer to reality (source)
- Cyber attacks on critical infrastructure show advanced tactics and new capabilities (source)
- Hackers target FCC, crypto firms in advanced Okta phishing attacks (source)
- Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure (source)
- Hackers steal Windows NTLM authentication hashes in phishing attacks (source)
- Hackers impersonate U.S. government agencies in BEC attacks (source)
- Major shifts in identity, ransomware, and critical infrastructure threat trends (source)