by Reuters at The Epoch Times
At least two groups of China-linked hackers have spent months using a previously undisclosed vulnerability in virtual private networking devices to spy on the U.S. defense industry, researchers and the devices’ manufacturer said.
Utah-based IT company Ivanti said in a statement on April 20 the hackers took advantage of the flaw in its Pulse Connect Secure suite to break into the systems of “a very limited number of customers.”
Ivanti said that while mitigations are in place, a fix for the issue would be unavailable until early May.
Ivanti provided no details about who might be responsible for the espionage campaign but, in a report timed to Ivanti’s announcement, cybersecurity company FireEye Inc. said it suspects that at least one of the hacking groups operates on behalf of the Chinese government.
“The other one we suspect is aligned with China-based initiatives and collections,” said Charles Carmakal, a senior vice president of Mandiant, an arm of Fireye, ahead of the report’s release.
While tying hackers to a specific country is fraught with uncertainty, Carmakal said his analysts’ judgment was based on a review of the hackers’ tactics, tools, infrastructure, and targets—many of which echoed past China-linked intrusions.
Chinese Embassy spokesperson Liu Pengyu says China “firmly opposes and cracks down on all forms of cyberattacks,” while describing FireEye’s allegations as “irresponsible and ill-intentioned.”
Continue Reading