Technology Apr 21

China suspected in US defence industry cyber attack

Security group FireEye declines to name targets of hacking, identifying them only as 'defence, government, and financial organisations around the world'

China suspected in US defence industry cyber attack
The FireEye logo is seen outside the company's offices in Milpitas, California. File photo by Reuters. 

(ATF) China-linked hackers have spent months spying on the US defence industry, using a flaw in an information technology (IT) company's software, the manufacturer said on Tuesday.

Utah-based IT company Ivanti said hackers took advantage of the flaw in its Pulse Connect Secure suite to break into the systems of "a very limited number of customers."

Cybersecurity company FireEye Inc said it suspected that at least one of the hacking groups operates on behalf of the Chinese government.

Charles Carmakal, a senior vice president of Mandiant, an arm of Fireye, said his analysts' judgment was based on a review of tactics, tools, infrastructure and targets - many of which echoed past China-linked intrusions.

A spokesman for the Chinese embassy in Washington dismissed the allegations, saying they were "irresponsible and ill-intentioned".

FireEye declined to name the targets, identifying them only as "defence, government, and financial organisations around the world."

PARTICULAR FOCUS

The company said the group of hackers suspected of working on Beijing's behalf were particularly focused on the US defence industry.

The US Department of Homeland Security said it was working with Ivanti "to better understand the vulnerability in Pulse Secure VPN devices and mitigate potential risks to federal civilian and private sector networks."

Senator Marco Rubio, vice-chairman of the Senate Select Committee on Intelligence, said the threats to US defence security posed by hackers were growing more serious.

“While the threat landscape has changed drastically since the committee began holding this annual hearing in 1995, two things have remained constant," he said.

"First, there are always adversaries who seek to harm the US, and second, the intelligence community will always be counted on to rise to the challenge of identifying how, when, and why those adversaries will strike."

He said the adversaries have remained largely the same over the years, "with China, Russia, Iran, and North Korea always looking for new ways to inflict damage upon the US".

With reporting by Reuters

ALSO SEE:

Cybersecurity, a core facet of change to a hybrid future of work

cybersecurity US-China tension FireEye defence