A few weeks ago a group of researchers in the West detected a cyber espionage campaign operated from China. While experts initially believed that this was an ambitious campaign, it has now been confirmed that this attack is more dangerous than previously thought, as it involves sophisticated threat actors abusing a device designed to optimize the experience of users on the Internet in order to access critical systems in the US.
This hacking campaign targeting Pulse Connect Secure network devices was revealed in April, although the cybersecurity community had no idea about its actual scope until now. Early reports indicated that the hackers had only targeted Verizon, a major telecommunications company; now, it has been confirmed that the incident also involves the systems of the New York Subway, one the most important subway transportation networks worldwide. Other reports claim that the incident also affected dozens of companies and public organizations that have not been named, although this could be about to change.
On the other hand, the possibility that threat actors have accessed confidential information of the affected organizations has not yet been confirmed or ruled out. Experts in cyberwar research and electronic espionage say that reaching specific conclusions can take months.
Since the incident was confirmed Ivanti, parent company of Pulse Connect Secure, has declined to comment.
The researchers say that China has a long history of using technology and hacking tools to spy on the United States and other countries considered adversaries, constituting itself as one of the main threats of espionage.
Six years ago it was reported that a Chinese hacking group managed to steal millions of background check files from federal government employees of the Office of Personnel Management. And last year, the Justice Department indicted two hackers for their alleged collaboration with the Chinese government to target various companies developing vaccines against the coronavirus, committing an investment of hundreds of millions of dollars and disrupting a crucial investigation for humanity.
Como era de esperarse, el gobierno chino negó su participación en la campaña de hacking contra Pulse Connect Secure, además de que el gobierno de Estados Unidos no ha hecho ninguna acusación formal.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.