China deploys cyber spying campaign targeting public and private organizations in the US

A few weeks ago a group of researchers in the West detected a cyber espionage campaign operated from China. While experts initially believed that this was an ambitious campaign, it has now been confirmed that this attack is more dangerous than previously thought, as it involves sophisticated threat actors abusing a device designed to optimize the experience of users on the Internet in order to access critical systems in the US.

This hacking campaign targeting Pulse Connect Secure network devices was revealed in April, although the cybersecurity community had no idea about its actual scope until now. Early reports indicated that the hackers had only targeted Verizon, a major telecommunications company; now, it has been confirmed that the incident also involves the systems of the New York Subway, one the most important subway transportation networks worldwide. Other reports claim that the incident also affected dozens of companies and public organizations that have not been named, although this could be about to change.

On the other hand, the possibility that threat actors have accessed confidential information of the affected organizations has not yet been confirmed or ruled out. Experts in cyberwar research and electronic espionage say that reaching specific conclusions can take months.

Since the incident was confirmed Ivanti, parent company of Pulse Connect Secure, has declined to comment.

The researchers say that China has a long history of using technology and hacking tools to spy on the United States and other countries considered adversaries, constituting itself as one of the main threats of espionage.

Six years ago it was reported that a Chinese hacking group managed to steal millions of background check files from federal government employees of the Office of Personnel Management. And last year, the Justice Department indicted two hackers for their alleged collaboration with the Chinese government to target various companies developing vaccines against the coronavirus, committing an investment of hundreds of millions of dollars and disrupting a crucial investigation for humanity.

Como era de esperarse, el gobierno chino negó su participación en la campaña de hacking contra Pulse Connect Secure, además de que el gobierno de Estados Unidos no ha hecho ninguna acusación formal.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.