Nearly 40 U.S. contracting facilities with access to classified information have been targeted by a hacking group with suspected ties to the Chinese government since Feb. 1, according to a bulletin disseminated to contractors by the Defense Counterintelligence and Security Agency on Wednesday.
The bulletin, obtained by Politico, is marked “unclassified/for official use only” and warns that DCSA’s cyber division detected nearly 600 “inbound and outbound connections” from “highly likely Electric Panda cyber threat actors” targeting 38 cleared contractor facilities, including those specializing in health care technology.
Advertisement
“Electric Panda” is not a widely accepted designation for a state-sponsored hacking group, cyber experts said, but the cybersecurity firm CrowdStrike has attributed Electric Panda to the Chinese government, the bulletin notes. The term “connections” is also pretty vague, experts noted, but former National Security Agency researcher Dave Aitel said the detection of both inbound and outbound activity likely means the U.S. managed to penetrate the command and control machines that Electric Panda was using.
Cleared contractor facilities often receive warnings about hacking attempts from the FBI and DCSA, but the notices rarely attribute the malicious activity to a specific group or nation-state as the DCSA did with Electric Panda, one employee at a firm that contracts for the intelligence community said.
The warning comes as tensions rise between the U.S. and China over the spread of Covid-19, with U.S. intelligence agencies examining the possibility that t ..
Support the originator by clicking the read the rest link below.
