Ongoing Hacking Campaign Hits Global Healthcare, Energy, Defense Networks

At least nine critical networks were hacked — including one from the U.S. — in an ongoing campaign that has compromised healthcare, defense, energy, technology, and education organizations worldwide, according to reports on Monday (Nov. 8).

Cybersecurity firm Palo Alto Networks issued a report that indicated the cyberattacks have ties to China and targeted some 370 organizations on Zoho servers in the U.S. alone, with at least one compromised, as part of a wider global campaign. The Chinese threat group was labeled “Emissary Panda.”

The attacks began as early as Sept. 17, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). CISA, the FBI, and the National Security Agency (NSA) are all investigating the attacks and exposing ongoing efforts by the hackers.

A division of the NSA tasked with mitigating foreign cyber threats to the U.S. defense industrial base contributed its analysis to the Palo Alto Networks report.

The hackers behind the campaign exploited a critical vulnerability (CVE-2021-40539) in Zoho’s enterprise password management solution — ManageEngine ADSelfService Plus — which “allows remotely executing code on unpatched systems without authentication,” per the report.

“While we lack insight into the totality of organizations that were exploited during this campaign, we believe that, globally, at least nine entities across the technology, defense, healthcare, energy and education industries were compromised,” the researchers from Palo Alto Networks said.

There are more than 11,000 internet-exposed servers running the vulnerable Zoho software, according to scans conducted by Palo Alto Networks. It’s not known how many systems have been patched.

None of the organizations compromised were named, and Palo Alto Networks said it was sharing the information to raise awareness about the threat and the patch.
