Xinhua stated that since Feb 2022, China has faced cyberattacks from overseas to take control of computers in China to target Russia, Ukraine, and Belarus. Most of these attacks originated in the United States.
However, according to a report by the cybersecurity company – Mandiant – in the US: “Hackers linked to China’s Ministry of State Security have spent most of the last year infiltrating and moving freely through state government networks in the United States”.
The report says that this hacker group, known as APT41, has members who have been wanted by the FBI for allegedly working for Beijing to carry out cyberattacks. They began targeting at least six state governments in the US, starting last spring and didn’t give up until late February.
“This is a unique strategy,” said Rufus Brown, the senior threat analyst at Mandiant and the author of the report, told about the attacks. “Since May 2021, we have seen them repeatedly attack these state governments.”
“It’s not clear what information APT41 may have stolen or how much information from various state agencies was hacked. But attackers jumped from this ministry to another ministry and in at least one case, they stole a series of personally identifiable information”, Brown said.
“Preventing them is very difficult,” Brown said. “The only thing that will really help with this is arresting individuals.”
The cyberattacks on state governments in the United States come as top Chinese leaders have spoken out in recent years about maintaining close ties with individual nations – a sort of counterbalance Beijing‘s deteriorating relationship with Washington D.C.
China has denied that it supports cyberattacks abroad and says China is also a victim of hacking.