Accessibility links

Breaking News

Security Company Says Chinese-linked Spy Attacks Hit Hundreds of Users

FILE - Attendees walk past a display showing cyberattacks in China at the China Internet Security Conference in Beijing, on Sept. 12, 2017. (AP Photo/Mark Schiefelbein, File)
FILE - Attendees walk past a display showing cyberattacks in China at the China Internet Security Conference in Beijing, on Sept. 12, 2017. (AP Photo/Mark Schiefelbein, File)
Security Company Says Chinese-linked Spy Attacks Hit Hundreds of Users
please wait

No media source currently available

0:00 0:05:43 0:00

A security company has accused Chinese hackers of carrying out internet attacks on hundreds of public and private organizations.

The hackers used a vulnerability in a popular email security tool that made the attacks possible, officials from cybersecurity company Mandiant said.

Google-owned Mandiant said it suspected the Chinese government backed the attacks. Nearly a third of those targeted were government agencies, including foreign ministries, the company added.

China's foreign ministry spokesman Wang Wenbin called the Mandiant report "far-fetched and unprofessional." He added that American companies continued to turn out reports as part of the U.S. government's false accusations against other countries.

Charles Carmakal is the chief technical officer at Mandiant. He told The Associated Press the attacks were believed to be the largest online spying campaign linked to China since the attack on a Microsoft email product in early 2021. That hack affected tens of thousands of computers around the world.

The attack used a problem in an email security software program made by Barracuda Networks, a company in California. Mandiant said it highly suspects the attack involved a spying operation “in support of the People’s Republic of China.” It said the activity began as early as October.

Mandiant said the hackers sent emails containing harmful attachments to get into targeted organizations’ devices and data.

The company said of those organizations, 55 percent were from the Americas. Twenty-two percent were from the Asia Pacific area, while 24 percent were from Europe, the Middle East and Africa. Mandiant said the targets included foreign ministries in Southeast Asia, foreign trade offices and schooling organizations in Taiwan and Hong Kong.

The fact that the majority of attacks happened in the Americas is likely because that is where Barracuda has the most users.

Barracuda announced on June 6 that some of its email security systems had been hacked as early as October. The hacking operation was so severe that Mandiant suggested that users fully replace its system.

The company said after discovering the problem in May, Barracuda released software fixes to limit damage and repair the system. But the hacking group changed their programming so it could continue its attacks. The group – which Mandiant identified as UNC4841 – then began targeting victims in at least 16 different countries.

Mandiant said the attacks were centered on areas considered to be important for Chinese policy, including the Asia Pacific area. The attacks included both organizations and individual accounts.

Barracuda said about five percent of its active Email Security Gateway systems around the world showed evidence of possible attack. It said it was providing replacement systems to affected buyers at no cost.

The U.S. government has accused China of being its main online spying threat. U.S. officials have pointed to evidence that state-backed Chinese hackers have in the past stolen data from both private and public individuals and organizations.

U.S. officials have said suspected Chinese-linked internet attacks have targeted a series of American companies and agencies. These included the government’s Office of Personnel Management (OPM), health care company Anthem, Equifax, and Marriott.

Earlier this year, Microsoft said state-backed Chinese hackers had been targeting important U.S. infrastructure. The company suggested China could be preparing to possibly attack communication links between the U.S. and Asia during future crises.

China has repeatedly accused the U.S. of also performing online spying operations against it.

I’m Gregory Stachel.

Frank Bajak reported this story for The Associated Press. Gregory Stachel adapted it for VOA Learning English.


Words in This Story

hack v. to secretly get access to the files on a computer or network in order to get information or cause damage

vulnerable adj. easy to hurt or attack physically or emotionally

far-fetched adj. not likely to happen or be true

infrastructure n. the basic equipment and structures (such as roads and bridges) needed for a country or area to operate


What do you think of this story?

We want to hear from you. We have a new comment system. Here is how it works:

  1. Write your comment in the box.
  2. Under the box, you can see four images for social media accounts. They are for Disqus, Facebook, Twitter and Google.
  3. Click on one image and a box appears. Enter the login for your social media account. Or you may create one on the Disqus system. It is the blue circle with “D” on it. It is free.

Each time you return to comment on the Learning English site, you can use your account and see your comments and replies to them. Our comment policy is here.