A recent security breach at F5, a cybersecurity company based in the US, has been attributed to state-backed hackers from China, according to sources familiar with the matter. US government officials disclosed on Wednesday that federal networks are under attack by an unknown “nation-state cyber threat actor” aiming to exploit vulnerabilities in F5’s products. Despite requests for comment, F5 has not responded to inquiries from Reuters.
In response to the allegations, Liu Pengyu, a spokesperson for the Chinese Embassy in Washington, stated that while he was not informed about the specific incident, China consistently opposes and fights against hacking activities within the confines of the law. He emphasized China’s strong stance against the spread of false information for political motives.
The US Cybersecurity and Infrastructure Security Agency (CISA), contacted by Reuters, refrained from confirming whether the breach was orchestrated by Chinese state-backed hackers. Acting Director Madhu Gottumukkala from CISA warned about the risks posed to any organization using F5 technology, highlighting the potential for a significant compromise of crucial information systems. However, the statement did not attribute the hack to any specific entity.
Sources with knowledge of the investigation revealed that the hackers had infiltrated F5’s network for over a year, raising concerns about the extent of the breach and its implications for data security.