Targeting of U.S. federal civilian agency

Date of report

March 2023

Affiliations

Hafnium

Chinese threat actor Hafnium attacked an unnamed U.S. government civilian agency from August to January 2023. Hafnium exploited a known vulnerability in software in the agency’s Microsoft Internet Information Services (IIS) web server.

Suspected victims

U.S. federal agency

Suspected state sponsor

China

Type of incident

Espionage

Target category

Government

Victim government reaction

Unknown

Policy response

Unknown

Suspected state sponsor response

Unknown

Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events