Targeting of U.S. federal agencies via PulseSecure VPN

Date of report

April 2021

Affiliations

APT 5

Five U.S. federal agencies were targeted in a Chinese espionage operation, along with several defense contractors and financial institutions in the country. The hackers made use of zero-day vulnerabilities in the PulseSecure VPN system to gain access to the different organizations' systems.

Suspected victims

U.S. government agencies and contractors

Suspected state sponsor

China

Type of incident

Espionage

Target category

Government
Private sector

Victim government reaction

Policy response

Confirmation

Suspected state sponsor response

Denial

Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events