Cyber attacks from China have become a major problem for U.S. institutions and companies. One recent incident — an attack in March on six U.S. state governments carried out by a group of organized civilians — shows how the threat is coming not just from state-backed operatives from the People’s Liberation Army or Ministry of State Security (MSS).
Hackers targeted the six states through a vulnerability in a livestock disease-tracking application called USAHEARDS. Analysts have since attributed the attack to Advanced Persistent Threat 41 (APT41), a Chengdu-based criminal hacking syndicate. APT41 has also been referred to as Barium, Winnti, Double Dragon, Wicked Panda and Wicked Spider, according to a press release for three Department of Justice indictments from 2020 targeting the group.
APTs — a term coined by the U.S. Air Force in 2006 — are a common source of Chinese cyber attacks. They are made up of talented civilian hackers who the government often enlists to carr