Chinese Hackers Compromised Organizations in 70 Nations, Warn US Federal Agencies

A ransomware group called “Ghost” is exploiting the network vulnerabilities of various organizations to gain access to their systems, according to a joint advisory issued by multiple U.S. federal agencies. “Beginning early 2021, Ghost actors began attacking victims whose internet-facing services ran outdated versions of software and firmware,” the Cybersecurity and Infrastructure Security Agency (CISA) said in the Feb. 19 joint advisory. “Ghost actors, located in China, conduct these widespread attacks for financial gain.” The attacks have targeted schools and universities, government networks, critical infrastructure, technology and manufacturing companies, health care, and several small and mid-sized businesses. “This indiscriminate targeting of networks containing vulnerabilities has led to the compromise of organizations across more than 70 countries, including organizations in China,” CISA, the FBI, and the Multi-State Information Sharing and Analysis Center said in the advisory....