Print this page

Estimated reading time: 1 minute, 45 seconds

What to Know About Global Hack on Defense and Other Sectors  

Friday, Nov 12 2021
Vulnerabilities
Written by  Security Tech Brief

Hackers with potential links to China have compromised at least nine global organizations, including the U.S. Department of Defense, according to findings by cybersecurity firm Palo Alto Networks.

china 1020914 640 smallThe hackers stole passwords from some affected entities in hopes of tapping into those systems over the long haul, Palo Alto Networks executive Ryan Olson told CNN, which first reported the findings. Long-term access could position the hackers to steal sensitive emails or other valuable data.

Olson told CNN that the apparent spying campaign likely breached more than just the nine confirmed victims. While the identity of the intruders is unknown, Palo Alto Networks said that they used some techniques in common with a suspected Chinese hacking group.

Officials from the National Security Agency and the US Cybersecurity and Infrastructure Security Agency have been monitoring such threats, CNN notes, and an NSA division contributed to Palo Alto Networks’ findings.

Palo Alto Networks said in a blog post that the attack began as early as September 17 and stretched through early October, targeting some 370 organizations in all. “Given the scale, we assess that these scans were largely indiscriminate in nature as targets ranged from education to Department of Defense entities,” the blog post said. The vulnerability hackers exploited was apparently in software used to manage network passwords.

CISA, the Coast Guard, and the FBI issued a security alert just before the hack reportedly began, warning of the vulnerability in Zoho IT management software, notes The Hill.

CISA official Eric Goldsten told Axios that the agency worked with Palo Alto Network through the Joint Cyber Defense Collaborative to “understand, amplify and drive action in response to the activity identified in this report.”

Palo Alto Networks executive Wendi Whitmore told Axios that the study “underscores the importance of rapid patch management, real time threat intelligence sharing and the ability to rapidly detect new threat activity within environments.” Whitmore encouraged entities using the Zoho software to resolve any security bugs prior to changing their passwords.

Morgan Adamski of the NSA told Axios that the agency is “delivering real-time impact to our partners and the defense of the nation.”

Read 1342 times
Rate this item
(0 votes)