A Cybersecurity firm named Mandiant has discovered that China state-funded hackers took control of 6 government networks in the United States through Log4Shell vulnerability and the list is said to get extended as they reveal more analysis results in coming weeks.
APT41, has a history of breaching several government networks, made its way to the government networks between May 2021 and February 2022. Their motto is simple: exploit the software flaws and use sophisticated tools to infiltrate networks, conducting espionage and using the targeted machines as Botnets.
“While the rest of the world is busy analyzing the developments in war-hit Ukraine, cybercriminals are busy doing their job of potentially hacking networks,” says Geoff Ackerman, Principal Analyst, Mandiant.
Though the Biden administration issued orders for businesses operating in the United States to strengthen their defenses against cyberattacks, most companies are still showing laxity in raising their defense-line against threats- mostly due to budget issues or with thinking that hackers will never target them.
Note 1- APT41 was implicated by US DoJ in Sept’2020 as they accused it of targeting 100 companies and stealing valuable information from their servers. And the list of victimized companies includes social media firms, video game companies, universities, and telecommunication providers.
Note 2- Mandiant is now a part of Google’s parent company Alphabet Inc which acquired it for $5.4 billion in March 2022.
Note 3: Mandiant failed to disclose the names of victimized government networks. But unconfirmed sources claim that a water utility belonging to a Metropolitan city was also targeted by APT41.
