China's government tied to new hack attacks targeting U.S. government

• Charles Carmakal, a senior vice president of Mandiant, told NBC News Wednesday, "We're starting to see a resurgence of espionage activity from the Chinese government."

Driving the news: The U.S. Cybersecurity and Infrastructure Security Agency said in a statement Tuesday that the breach was "affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations."

Zoom in: Carmakal said in an emailed statement that Mandiant "recently responded to multiple security incidents involving the exploitation of Pulse Secure VPN appliances," which is used by businesses for remote work.

• The breach affected "dozens of organizations including government agencies, financial entities, and defense companies" in the U.S. and Europe, he said.
• "We suspect these intrusions align with data and intelligence collection objectives by China," Carmakal added.
• Per Carmakal, the hackers bypassed the multifactor authentication on Pulse Secure devices to access the as-yet unnamed victims' networks, accessing these sites "for several months without being detected."

"We believe that multiple cyber espionage groups are using these exploits and tools, and there are some similarities between portions of this activity and a Chinese actor we call APT5. "

Of note: President Biden took office a month after cybersecurity firm SolarWinds announced it was hacked in December, in a breach that was later discovered to be part of a massive cyberattack by suspected Russian hackers on multiple government agencies and U.S. firms.

• In response, the Biden administration imposed sweeping sanctions targeting the Russian economy earlier this month.
• Homeland Security Secretary Alejandro Mayorkas announced earlier this month a program designed to counter online attacks.