Chinese spies have infiltrated the cyber networks of several American government agencies. The US Cybersecurity and Infrastructure Security Agency (CISA) said it was “providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications.”
It is unclear which US agencies were affected or who is responsible, but a Russian-speaking group has reportedly claimed credit and repeated the action against a variety of agencies worldwide.
CISA Director Jen Easterly said the software in question is one that is routinely used by companies and agencies, adding that cyber vulnerabilities are common and the role of her organization is to ensure that those affected have the capacity to mitigate the risks.
The attack comes just months after the Biden administration unveiled its national cyber strategy. The government’s report on the issue stated that the strategy would focus on defending critical infrastructure, disrupting cyber criminals, and creating and enhancing international partnerships to combat the threat. It will broaden the minimum cybersecurity requirements and allow more public-private partnerships to keep up with the constantly evolving hazard.
The Treasury Department has already announced joint sanctions with the United Kingdom against a Russian cybercrime gang known as Trickbot.
Last year, President Biden signed legislation that required CISA to “develop and implement regulations requiring covered entities to report covered cyber incidents and ransomware payments to CISA.” The responsibility for defending cyber networks was furthermore moved away from private businesses and taken over by the federal government.
Despite the claim that Russian-speaking groups are involved in the latest attack, the American cybersecurity firm Mandiant said state-backed Chinese hackers have been infiltrating hundreds of public and private networks. A statement from the organization said it was confident that this was a Chinese espionage operation.
Cyber attacks are not uncommon and several American agencies and businesses have been targeted in the past. In 2020, then-Secretary of State Mike Pompeo blamed Russia when 18,000 US organizations had malicious codes injected into their networks.