security

Chinese Hackers Allegedly Targets the US, International Gov. Agencies Via Pulse Secure VPN Devices' Flaw – Tech Times


Several Chinese hackers are accused of breaching Pulse Secure VPN and targeting the United States and international defence agencies, financial institutions, and government departments. The FireEye cybersecurity firm released this info.  

Security Experts Claim US Gov. Agencies are Targeted by Chinese Hackers; Details of Pulse Secure VPN's Flaw

(Photo : Photo by Sean Gallup/Getty Images)
A participant sits with a laptop computer as he attends the annual Chaos Communication Congress of the Chaos Computer Club at the Berlin Congress Center on December 28, 2010 in Berlin, Germany. The Chaos Computer Club is Europe’s biggest network of computer hackers and its annual congress draws up to 3,000 participants.

Security experts involved in the current investigation said that hackers could be members of the alleged Chinese government-linked UNC2630 cyber attacker group. 

They added that the hacking group could have started their malicious act way back in June 2020 or even earlier than that. FireEye also explained that the current breach is a serious one since many financial, government, and defence organizations rely on Pulse Secure’s VPN service. 

Is the Chinese hackers’ alleged activity really serious? 

Security Magazine reported that since the current Chinese hacking issue could lead to a massive breach, CISA (The Cybersecurity and Infrastructure Security Agency) has already issued an emergency directive on Pulse Connect Secure. 

Also Read: Instagram Anti-Abusive DM Tool Helps Protect Users from Harassing and Harmful Messages

This directive orders government agencies and departments across the globe to use the Pulse Connect Secure Integrity Tool since it could help them protect their valuable credentials and other sensitive information. 

On the other hand, FireEye security researchers claimed that the accused hacking group could also be connected to APT5, another online attacking group, which was also linked to the Chinese government. 

“We suspect some intrusions were due to the exploitation of previously disclosed Pulse Secure vulnerabilities from 2019 and 2020,” added the involved security experts.  

Is Pulse Secure working on the issue?

On Tuesday, Apr. 20, Pulse Secure confirmed that they are already investigating the alleged VPN issue. The company added that its team is working on possible ways and methods on how to fix the said flaw. 

“The team has been working proactively with leading forensic experts and industry groups, including Mandiant/FireEye, CISA, and Stroz Friedberg, among others, to investigate and respond to the exploit behavior,” said Pulse Secure. 

Meanwhile, Business Insider reported that the United Kingdom. government’s National Cyber Security Center advised its domestic customers to conduct a workaround published by the giant VPN provider.

For more news updates about the Pulse VPN issue and other serious security breaches, always keep your tabs open here at TechTimes.  

Related Article: Ransomware Group Targets Apple Supplier Quanta Demanding $50M in Exchange of Stolen Data

This article is owned by TechTimes

Written by: Griffin Davis

ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.

Read More   Super Bowl 2020: Security By Land, Air, Sea And Cold Wet Nose - Miami, FL Patch





READ SOURCE

Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.