A global cyberattack hit “several” U.S. federal government agencies, exploiting a vulnerability in a commonly used software, according to the US Cybersecurity and Infrastructure Security Agency (CISA).
Eric Goldstein, CISA’s executive assistant director for cybersecurity, told CNN in a statement on Thursday that the agency “is providing support to several federal agencies that have experienced intrusions.”
“We are working urgently to understand impacts and ensure timely remediation,” Goldstein added.
It is unclear who is behind the massive attack.
The United States Navy was one of the victims of a cyberattack conducted by a Chinese government hacking group discovered earlier this year by Microsoft, Secretary of the Navy Carlos Del Toro revealed last month.
According to CNBC, Del Toro said the Navy “has been impacted” by the cyberattacks that Microsoft said also involved installing a malicious computer code in telecommunications systems in Guam and other U.S. locations.
Del Toro noted it was “no surprise that China has been behaving in this manner, not just for the last couple years, but for decades.”
Del Toro’s revelations come after the Microsoft executive who oversees the company’s threat intelligence unit, Tom Burt, said Microsoft analysts discovered mysterious code in February, according to The New York Times.
The invasive code was installed in secret through routers and other internet-connected consumer devices, the Times reported, making the hack difficult to detect.
The National Security Agency, along with five partner agencies, released the “People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection” Cybersecurity Advisory (CSA) “to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon.”
“For years, China has conducted operations worldwide to steal intellectual property and sensitive data from critical infrastructure organizations around the globe,” CISA Director Jen Easterly said in a statement. “Today’s advisory, put out in conjunction with our US and international partners, reflects how China is using highly sophisticated means to target our nation’s critical infrastructure.”
This was a breaking news story. The details were periodically updated as more information became available.