In April 2021, cybersecurity firm FireEye revealed that Chinese state-affiliated hackers were conducting a cyber-campaign targeting U.S. government agencies, defense contractors, and financial institutions. Using a vulnerability in American virtual private networking (VPN) devices, at least two groups broke into the systems of several public and private institutions. While FireEye was unable to attribute all of the attacks to specific actors, they ascertained that at least part of the campaign was run by hackers with ties to APT5, a Chinese state-affiliated group active since at least 2007. The Washington Post reported that the attacks allowed “theft of intellectual property, project data” and that the full extent of data theft caused by the intrusions may never be known.
Chinese state-affiliated APT5 steal data from many institutions in the United States