A group of foreign hackers, probably related to the China, has managed to breach at least nine American organizations active in strategic sectors, such as defense, energy, health, technology and education. This was announced by a report from the cybersecurity agency Palo Alto Networks, drawn up with the participation of National Security Agency (NSA).
This group of cyber criminals is not interested in money, blackmailing the attacked structures, but only wants to tap into crucial information and then pass it on to state actors.
La Nsa , Cyber security and infrastructure security agency - cissa - they raised the alarm last September, urging the companies involved to re-establish the security of their IT infrastructures.
Within days, hackers monitored by Palo Alto attacked several hundred servers. The series of attacks was conducted through a vulnerability in a password and access manager (Zoho).
Palo Alto researchers found that the attacks were indiscriminate and on a very large scale, suggesting a spying operation, supported by a state actor. The modus operandi is known and attributable to the group known as Emissary Panda o Apt 27, which, according to Canadian analysts of Secureworks, would be sponsored by Beijing. The group has been in business for at least ten years and is known for its interests in the aerospace, defense, government and technology sectors.
Hackers, whose ranks are often led by states, have always been active: last April it was discovered, for example, that government agencies, strategic defense companies and financial institutions in the US and the EU were monitored by hackers for months. Chinese and Russian.