Dade Murphy, CTO of the cybersecurity firm Dragonfire, told
reporters today that his firm had found indicators of compromise in other
chemical company clients that indicate that the NoReturn APT group was actively
involved in compromising companies that were looking at returning chemical
production to the United States. This is the same group that was apparently
responsible for a recent
ransomware attack on an unnamed medical supply company.
“We are actively working with the FBI on these attacks,”
Murphy told reporters; “Where we have found active indicators of compromise, we
have advised our clients to notify the federal investigators before taking any
actions to mitigate the compromise.”
Johnathan Quest, spokesman for the Federal Bureau of
Inquiry, confirmed that the FBI was working with Dragonfire on a number of
potential cyberattacks. He was unable to provide any information on those
investigations at this time.
No ransomware attacks have taken place at any of these companies.
“We have apparently found these incursions in an earlier stage of the attack,”
Dade said; “Fortunately, we know what the ransomware attack looks like from our
earlier work and we have put mitigation measures in place to sandbox any such
attack.”
Rep. Tucker Watts, JR (R,GA) announced today that he was
calling for Congressional hearings on these apparent attacks by the Chinese
government. He was joined by Rep. Harvey Milk (D,CA). Hearings may take place when
the House returns to Washington after the Memorial Day recess.
No comments:
Post a Comment