A mysterious organization called APT6 has had access to supposedly protected U.S. government files for years, according to the FBI. Motherboard:
The feds warned that “a group of malicious cyber actors,” whom security experts believe to be the government-sponsored hacking group known as APT6, “have compromised and stolen sensitive information from various government and commercial networks” since at least 2011, according to an FBI alert obtained by Motherboard.
The alert, which is also available online, shows that foreign government hackers are still successfully hacking and stealing data from the US government’s servers, their activities going unnoticed for years. This comes months after the US government revealed that a group of hackers, widely believed to be working for the Chinese government, had for more than a year infiltrated the computer systems of the Office of Personnel Management, or OPM. In the process, they stole highly sensitive data about several millions of government workers and even spies.
In the alert, the FBI lists a long series of websites used as command and control servers to launch phishing attacks “in furtherance of computer network exploitation (CNE) activities [read: hacking] in the United States and abroad since at least 2011.”
It’s not known who the hackers might be, although some experts say Chinese involvement is likely. Last year, we learned that Chinese hackers had hacked the Office of Personnel Management, accessing information on tens of thousands of government employees. The revelation that China had information about government employees compelled the CIA to pull assets from Beijing, among other significant consequences.
That the federal government has yet to get a full grip on even the scope of the problem certainly points to just how tough a problem cybersecurity is. We’re struck by how little attention the vulnerability of U.S. data gets from the White House. Previously, we’ve seen the White House consider addressing the problem with sanctions on Chinese individuals and companies. But that’s not likely to be an effective response in a situation where defense really is the best form of offense. Right now, America’s cyber defenses simply aren’t doing their job. Shoring them up seems like it should be a higher priority.