U.S. government flags software vulnerability suspected of Chinese hacking | Business & Economics

Kuala Lumpur, Malaysia – The U.S. state of Montana suspended the use of an agricultural database to improve its security, months before its developers had to fix security flaws exposed in a suspected Chinese state-sponsored cyberattack, newly obtained documents show.

According to documents obtained by Al Jazeera, the Montana Department of Agriculture temporarily took the web-based USAHERDS software offline last year to allow the app’s developers to tighten security after an unspecified “incident.”

The security upgrade comes months before the app’s developer, Acclaim Systems, released a patch in November to fix a vulnerability exploited in an alleged hacking campaign by the Chinese group APT41, which cybersecurity experts and U.S. officials say Espionage on behalf of Beijing.

It is unclear whether the events leading to the latest changes to USAHERDS, which are used in at least 18 U.S. states to track livestock, have any connection to the APT41 attack, which was disclosed in March following an investigation by U.S. cybersecurity firm Mandiant.

Mandiant’s report on the hacking campaign said APT41 had compromised the networks of at least six U.S. state governments, but did not name any states.

China has repeatedly stated that it opposes all cyber attacks and never supports or encourages such activities.

In a letter to the Montana Department of Agriculture last year, Acclaim Systems executive director David P Burgess said the changes his company was required to implement after an “incident” in Montana had been “completed and tested” , and can “deploy to your staging area for testing when you allow”.

“This letter is to outline that we have made these proposed changes so that the app can be brought back online for use in Montana,” Burgess said in the letter dated August 6, 2021 .

The exact nature of the incident and the security changes, including who made the request, is unclear, as Montana officials redacted significant parts of the letter before releasing it to Al Jazeera, although the visible text indicated the security escalation. Include new encodings.

Burgess’ letter also mentions “other requests” his company has received from the department and expresses his desire to address “other areas of concern.”

“We’re doing our part to help strengthen that environment,” Burgess said.

The documents also show that in October, when Manidant said APT41’s exploitation of USAHERDS was widespread in multiple states, the Montana Department of Agriculture received a notification from the U.S. government-backed Cyber ​​Threat Monitoring Center that the app had been compromised. invasion.

The content of the alert, sent by the Multistate Information Sharing and Analysis Center, was fully edited by state officials before publication.

compliment email

Al Jazeera obtained the letter and other related documents through a public records request from the Montana Department of Agriculture.

Representatives for the Montana Department of Agriculture, the Montana Administration, Acclaim Systems and Mandiant either declined to comment or did not respond to inquiries. The National Agribusiness Technology Center, a nonprofit company that oversees the USAHERDS network, also did not respond to a request for comment.

MS-ISAC

Agriculture has become an increasingly common target for cyberattacks in recent years, as the industry has become increasingly digitized and considered a soft target compared to other industries, cybersecurity experts say.

In just 10 months, cyber intrusions affecting agriculture have increased tenfold, US cybersecurity firm CrowdStrike said in a 2020 report.

In April, the FBI issued an advisory warning farmers to be wary of ransomware attacks during the harvest and planting seasons, noting a series of attacks on grain companies and agricultural cooperatives the previous year.

Adam Meyers, director of intelligence at CrowdStrike, said the agricultural sector has become a valuable target for cybercriminals and state actors, with Chinese- and North Korean-linked hackers leading industrial espionage around the world.

“As threats to agriculture continue to proliferate, climate change and the conflict in Ukraine continue to put additional pressure on international food supplies,” Meyers told Al Jazeera. “Digital agriculture continues to rely heavily on advanced technology, which is highly sought after in industrial espionage.”

Source link