China is hacking into state governments in the United States, stealing sensitive data, and propagandizing the world with disinformation that favors Russia’s invasion of Ukraine.
The regime most recently hit at the heart of America, in part, by using an obscure livestock app called USAHERDS. Cowboys everywhere should strap on their chaps, saddle up, and get ready to rumble.
The most recent hacks could have targeted any state government in the United States, such as Texas, Nebraska, California, or Alaska. Few know which states were breached, as the American company that discovered the breaches is keeping mum. The company is called Mandiant, which Google will purchase for $5.4 billion, according to a March 9 announcement.
What we do know is that the hackers left digital fingerprints that have APT41 written all over them. APT41 is China’s regime-backed hacking group, made infamous when the U.S. Justice Department indicted five of its members in 2020.
APT41 hacks for the Chinese Communist Party (CCP), but also for criminal profit, across the United States, Europe, and Asia. France, Britain, Australia, and Chile are all targets. The CCP hackers conduct cyberespionage and cybercrime, including ransomware and the theft of virtual currency. They go beyond normal methods to insert their code surreptitiously into automatic updates to software you may already have on your computer.
Most recently, the hackers used vulnerabilities in normal programs that professionals use, including not only USAHERDS, used by 18 U.S. states, but also Log4j, loaded on millions of computers worldwide that run online services.
“It’s very unnerving to see this group everywhere,” Mandiant analyst Rufus Brown told Wired Magazine. “APT41 is going after any external-facing web application that can give them access to a network. Just very persistent, very continuous targeting.”