CHINA CYBER SPIES HACK SECURITY SYSTEMS OF U.S. WATER, TRANSPORT HUBS
- By The Financial District

- Jun 16, 2021
- 2 min read
A cyberespionage campaign blamed on China was more sweeping than previously known, with suspected state-backed hackers exploiting a device meant to boost internet security to penetrate the computers of critical US entities, Alan Suderman reported for the Associated Press (AP).

The hack of Pulse Connect Secure networking devices came to light in April, but its scope is only now starting to become clear. AP has learned that the hackers targeted telecommunications giant Verizon and the country’s largest water agency.
The Metropolitan Water District of Southern California, which provides water to 19 million people and operates some of the largest treatment plants in the world, said it found a compromised Pulse Secure appliance after CISA issued its alert in April.
News broke earlier this month that the New York City subway system, the country’s largest, was also breached.
The Metropolitan Transportation Authority in New York also said they’ve not found evidence of valuable data or customer information was stolen.
The breach was first reported by The New York Times.
Security researchers say dozens of other high-value entities that have not yet been named were also targeted as part of the breach of Pulse Secure, which is used by many companies and governments for secure remote access to their networks.
Ivanti, the Utah-based owner of Pulse Connect Secure, declined to comment on which customers were affected. But even if sensitive information wasn’t compromised, experts say it is worrisome that hackers managed to gain footholds in networks of critical organizations whose secrets could be of interest to China for commercial and national security reasons.
“The threat actors were able to get access to some really high-profile organizations, some really well-protected ones,” said Charles Carmakal, the chief technology officer of Mandiant, whose company first publicized the hacking campaign in April.
China has a long history of using the internet to spy on the US and presents a “prolific and effective cyber-espionage threat,” the Office of the Director of the National Intelligence said in its most recent annual threat assessment.
Six years ago Chinese hackers stole millions of background check files of federal government employees from the Office of Personnel Management (OPM.) In 2010, China was able to secure US intelligence data via Iran and succeeded in eliminating the biggest US spy ring in China.
Last year the Justice Department charged two hackers it said worked with the Chinese government to target firms developing vaccines for the coronavirus and steal hundreds of millions of dollars worth of intellectual property and trade secrets from companies across the world.
The Chinese government has denied any role in the Pulse hacking campaign and the US government has not made any formal attribution.
![TFD [LOGO] (10).png](https://static.wixstatic.com/media/bea252_c1775b2fb69c4411abe5f0d27e15b130~mv2.png/v1/crop/x_150,y_143,w_1221,h_1193/fill/w_179,h_176,al_c,q_85,usm_0.66_1.00_0.01,enc_avif,quality_auto/TFD%20%5BLOGO%5D%20(10).png)








