CNN – A suspected Chinese hacking campaign breached four more US defense and technology companies last month, and hundreds more US organizations are using the kind of vulnerable software the attackers exploited, according to a study shared with CNN.
The apparent espionage activity, which the National Security Agency has helped investigate in recent months, is more extensive than previously known and has resulted in hackers stealing passwords from target organizations in order to intercept sensitive communications.
The cybersecurity researchers publicly confirmed only one compromised US organization in November, CNN reported at the time, but now they say the number is five and could continue to grow.
Globally, at least 13 organizations in sectors such as defense, healthcare, energy and transportation have now been confirmed as breached, cybersecurity firm Palo Alto Networks warns in a report to be released on Thursday.
Palo Alto Networks identified around 600 cases in the US of systems running the kind of vulnerable software that the hackers exploited. This includes installations at 23 universities, 14 state or local governments, and 10 health organizations, the researchers said.
It’s the type of digital espionage that the U.S. government has tried for years to uncover before it compromises sensitive data related to national security or trade secrets.
The hacking efforts are similar to the techniques of a group that Microsoft has identified as operating in China, Palo Alto Networks said.
The final impact of the computer breaches is not yet clear as the security breach investigations are ongoing. The researchers at Unit 42 of Palo Alto Networks believe, however, that the hackers could try to gain long-term access to computer systems in order to extract important data from US companies.
“This adversary has been aggressively targeting organizations in the United States and elsewhere in the defense, technology and other critical sectors,” Ryan Olson, vice president of Unit 42 for Palo Alto Networks, told CNN.
“While we are still learning more about the impact of these attacks, we urge organizations to quickly patch vulnerable systems and follow recommendations to determine if they have been compromised,” said Olson.
The NSA declined to comment on the new investigations. The US Cybersecurity and Infrastructure Security Agency, which has also tried to mitigate the effects of the hacking campaign, referred questions to Palo Alto Networks.
The Chinese embassy in Washington did not respond to a request for comment.
While Beijing routinely denies conducting hacker operations, cybersecurity has been a regular source of tension in US-China relations for years.
In July, the Biden administration blamed China for various hacking activities that exploited Microsoft email software and, according to experts, exposed organizations around the world to follow-up hacks by cybercriminals.
A senior Biden administration official at the time described it as part of a “pattern of irresponsible behavior in cyberspace” from China. Beijing denied involvement.
The recent alleged Chinese cyber activity does not appear to risk such a level of collateral damage. But it still has the attention of senior US cybersecurity officials who worked with researchers to warn potential victim companies.
The hackers have moved from exploiting one popular software product to another in the past few weeks in order to compromise more companies. Fixes are available for both software products, which are made by multinational tech company Zoho. However, many of the company’s customers have yet to update their systems and remain vulnerable.
If Chinese participation in the campaign is confirmed, it would add to several cases of suspected Chinese hackers trying to break into the networks of US defense companies in recent years.
A 2014 Senate investigation found that hackers associated with the Chinese government had breached U.S. Transportation Command contractors 20 times in one year. The command, which is responsible for moving US troops and military equipment around the world, was only aware of two of these breaches.
The-CNN-Wire ™ & © 2021 Cable News Network, Inc., a WarnerMedia company. All rights reserved.