A mysterious hacking group has had access to U.S. government files for years and the hackers might still be able to siphon data off government computer networks. The hack apparently dates back to 2011, though it may be linked to attacks on the U.S. government’s computer infrastructure originating in 2008.
According to Motherboard, the FBI made its announcement in an alert that’s also posted online. The group, known as APT6 or Advanced Persistent Threat 6, “have compromised and stolen sensitive information from various government and commercial networks” since 2011, the FBI says.
Russian security firm Kaspersky Lab told the tech site that APT6 is “one of the earlier APTs. They definitely go back further than 2011 or whatever—more like 2008 I believe,” researcher Kurt Baumgartner said. He didn’t specify whether APT6 is tied to the Chinese government, as some suspect, but he said that its targets align with the interests of a state-sponsored attacker.
Even though the FBI published an extensive list of websites used as command-and-control servers that launch phishing attacks, it’s not clear whether the threat has been removed. In fact, some security experts believe that hackers would still be able to roam freely inside U.S. government computers.
“Looks like they were in for years before they were caught, God knows where they are,” information security expert Michael Adams told the site. Adams served more than two decades in the U.S. Special Operations Command. “Anybody who’s been in that network all this long, they could be anywhere and everywhere.”
Adams added that the alert is practically an admission that the government is not in control of its own computer network.
“It’s just flabbergasting,” he said. “How many times can this keep happening before we finally realized we’re screwed?”