urlscan.io logo urlscan.io
SecurityTrails logo

abcnews.go.com Open in urlscan Pro
18.66.122.45  Public Scan

Back to summary
Submitted URL: http://safelinks.protection.outlook.com/?url=https%3A%2F%2Fabcnews.go.com%2FUS%2FwireStory%2Fsecurity-firm-chinese-hackers-broke-email-s...
Effective URL: https://abcnews.go.com/US/wireStory/security-firm-chinese-hackers-broke-email-security-appliance-100104273
Submission: On June 20 via api from US — Scanned from DE

Form analysis 1 forms found in the DOM

<form><span class="search"><span aria-label="Open Search Bar" class="search__trigger search__trigger--default" role="button" tabindex="0"></span><span class="search--default"><input type="text" aria-label="Search Headlines, News and Video..."
        class="search__input" placeholder="Search Headlines, News and Video..." tabindex="-1"><input type="submit" class="search__input__submit" tabindex="-1"><span class="search__input__icon"></span></span></span></form>

Text Content

ABC NEWS


VIDEO


LIVE


SHOWS


CLIMATE





Interest Successfully Added
We'll notify you here with news about

Turn on desktop notifications for breaking stories about interest?
OffOn



STREAM ON


CHINESE SPIES BREACHED HUNDREDS OF PUBLIC, PRIVATE NETWORKS, SECURITY FIRM SAYS

The U.S. cybersecurity firm Mandiant says suspected state-backed Chinese hackers
exploited a vulnerability in a popular email security appliance to break into
the networks of hundreds of public and private sector organizations globally,
nearly a third ...

ByFRANK BAJAK AP Technology Writer
June 15, 2023, 1:02 PM


FILE - Attendees walk past an electronic display showing recent cyberattacks in
China at the China Internet Security Conference in Beijing, on Sept. 12, 2017.
Hackers linked to China were likely behind the exploitation of a software
security hole in cy...Show more ---Show more
The Associated Press

Suspected state-backed Chinese hackers used a security hole in a popular email
security appliance to break into the networks of hundreds of public and private
sector organizations globally, nearly a third of them government agencies
including foreign ministries, the cybersecurity firm Mandiant said Thursday.

“This is the broadest cyber espionage campaign known to be conducted by a
China-nexus threat actor since the mass exploitation of Microsoft Exchange in
early 2021,” Charles Carmakal, Mandiant's chief technical officer, said in a
emailed statement. That hack compromised tens of thousands of computers
globally.

In a blog post Thursday, Google-owned Mandiant expressed “high confidence” that
the group exploiting a software vulnerability in Barracuda Networks' Email
Security Gateway was engaged in “espionage activity in support of the People’s
Republic of China.” It said the activivity began as early as October.

The hackers sent emails containing malicious file attachments to gain access to
targeted organizations’ devices and data, Mandiant said. Of those organizations,
55% were from the Americas, 22% from Asia Pacific and 24% from Europe, the
Middle East and Africa and they included foreign ministries in Southeast Asia,
foreign trade offices and academic organizations in Taiwan and Hong Kong. the
company said.

Mandiant said the majority impact in the Americas may partially reflect the
geography of Barracuda's customer base.



Barracuda announced on June 6 that some of its its email security appliances had
been hacked as early as October, giving the intruders a back door into
compromised networks. The hack was so severe the California company recommended
fully replacing the appliances.

After discovering it in mid-May, Barracuda released containment and remediation
patches but the hacking group, which Mandiant identifies as UNC4841, altered
their malware to try to maintain access, Mandiant said. The group then
“countered with high frequency operations targeting a number of victims located
in at least 16 different countries.”

Word of the breach arrived with U.S. Secretary of State Antony Blinken departing
for China this weekend as part of the Biden administration’s push to repair
deteriorating ties between Washington and Beijing.

His visit had initially been planned for early this year but was postponed
indefinitely after the discovery and shootdown of what the U.S. said was a
Chinese spy balloon over the United States.

Mandiant said the targeting at both the organizational and individual account
levels, focused on issues that are high policy priorities for China,
particularly in the Asia Pacific region. It said the hackers searched for email
accounts of people working for governments of political or strategic interest to
China at the time they were participating in diplomatic meetings with other
countries.



In a emailed statement Thursday, Barracuda said about 5% of its active Email
Security Gateway appliances worldwide showed evidence of potential compromise.
It said it was providing replacement appliances to affected customers at no
cost.

The U.S. government has accused Beijing of being its principal cyberespionage
threat, with state-backed Chinese hackers stealing data from both the private
and public sector.

In terms of raw intelligence affecting the U.S., China’s largest electronic
infiltrations have targeted OPM, Anthem, Equifax and Marriott.

Earlier this year, Microsoft said state-backed Chinese hackers have been
targeting U.S. critical infrastructure and could be laying the technical
groundwork for the potential disruption of critical communications between the
U.S. and Asia during future crises.

China says the U.S. also engages in cyberespionage against it, hacking into
computers of its universities and companies.



——

AP Business Writer Zen Soo contributed from Hong Kong.

--------------------------------------------------------------------------------

--------------------------------------------------------------------------------

Promoted Links by TaboolaPromoted Links by Taboola
Fiat Professional

Unser vollelektrischer Profi für Ihr BusinessFiat ProfessionalMehr erfahren


Undo
Jeep®

Jetzt unsere Plug-in-Hybrid-Modelle Probe fahrenJeep®Jetzt testen


Undo
Norton

Schützen Sie sich onlineNortonMehr erfahren


Undo

Missing Titanic tourist submersible live updates


Undo

American woman who was pushed and fell 165 feet near German castle is released
from hospital


Undo

Homophobic chants force US-Mexico soccer match to end early in Las Vegas


Undo
M. Asam

Make-up das natürlich aussieht!M. AsamJetzt kaufen


Undo
Lifta

Der Treppenlift für jedes ZuhauseLiftaMehr erfahren


Undo
Alfa Romeo

Sichern Sie sich attraktive Leasingangebote.Alfa RomeoJetzt testen


Undo




TOP STORIES


MISSING TITANIC SUBMERSIBLE LIVE UPDATES: MORE DETAILS EMERGE AMID DESPERATE
SEARCH

 * 22 minutes ago


PHOTOS SHOW DRAMATIC DIFFERENCE IN WATER LEVELS AT LAKE OROVILLE FROM 2021 TO
TODAY

 * Jun 19, 9:00 PM


MISSING TITANIC SUBMERSIBLE: WHO IS ON BOARD

 * 38 minutes ago


DA PUSHES BACK AGAINST TRUMP'S EFFORT TO GET JUDGE TO STEP DOWN FROM CRIMINAL
CASE

 * 2 hours ago


SEARCH EFFORTS FOR BRITISH ACTOR JULIAN SANDS RESUME, SHERIFF'S OFFICE SAYS

 * Jun 20, 1:47 AM



ABC News Network
Privacy Policy
Your US State Privacy Rights
Children's Online Privacy Policy
Interest-Based Ads
About Nielsen Measurement
Terms of Use
Do Not Sell or Share My Personal Information
Contact Us
Copyright © 2023 ABC News Internet Ventures. All rights reserved.