US Cybersecurity firm Mandiant said at least six US states were targeted by China-linked hackers who exploited vulnerabilities in web software intruding into those states.
The notorious Chinese hacking group APT41 has targeted the US states in a stubborn and adaptive campaign, according to a Mandiant report.
From last May to February this year, the group hit at least 6 US government networks, by exploiting vulnerabilities in Internet-facing software including an animal health reporting app.
Cybersecurity firm Mandiant said the victims and data targeted by the hackers were "consistent with an espionage operation", but did not rule out that the motive was money given the group's "history of working overtime for personal financial gain".
For example, within hours of Apache's announcement of the critical flaw, hackers began taking advantage of it and attacking the governments of at least two US states "in addition to their traditional targets in the insurance and telecom industries".