Hackers linked to Chinese government invaded US state networks, security firm says

Mandiant cybersecurity firm says hacking group APT41, already an FBI target, has infiltrated at least six US states since last year

‘It’s very persistent, very continuous, and they keep coming back for whatever they want,’ the report’s lead author says

Reading Time:3 minutes

Hackers linked to China’s Ministry of State Security have spent most of the last year infiltrating state government networks across the US, a cybersecurity firm has reported. Illustration: Reuters

Published: 1:49am, 9 Mar 2022Updated: 2:11am, 9 Mar 2022

Hackers linked to China’s Ministry of State Security have spent most of the last year infiltrating and moving freely through state government networks across the United States, according to a report by the cybersecurity firm Mandiant.

Released on Tuesday, the report says that the hacking group known as APT41, whose members are already sought by the FBI for allegedly working on behalf of Beijing to conduct cyberattacks, began targeting at least six state governments starting last spring, and had not let up through the end of February.

“This is a pretty unique switch,” Rufus Brown, a senior threat analyst at Mandiant and the lead author of the report, said about the attacks. “Since May 2021, we’ve seen them just continuously hammer these state governments.”

“It’s very persistent, very continuous, and they keep coming back for whatever they want,” he said. “We likely assess that there are more states affected.”

US Deputy Attorney General Jeffrey Rosen announcing charges on September 16, 2020, related to a computer intrusion campaign by the APT41 hacking group, which has ties to the Chinese government. Photo: EPA-EFE

Brown declined to disclose which states were attacked. The National Governors Association did not immediately respond to a request for comment.

Select Voice

Choose your listening speed

Get through articles 2x faster

1.25x

250 WPM

Slow

Average

Fast

00:0000:00

1.25x