A breach at US-based cybersecurity company F5 has been blamed on state-backed hackers from China, two people briefed on the investigation said on Thursday.
On Wednesday, U.S. government officials said federal networks are being targeted by an unidentified “nation-state cyber threat actor” that is trying to exploit vulnerabilities in products made by F5. The company did not respond to Reuters’ requests for comment.
China rejects hacking claims
Liu Pengyu, a spokesperson for the Chinese Embassy in Washington, said in a statement he was not familiar with the situation, but that “China consistently opposes and combats hacking activities in accordance with the law, and we are even more opposed to the dissemination of false information for political purposes.”
The U.S. Cybersecurity and Infrastructure Security Agency, when contacted by Reuters, did not confirm whether the breach was carried out by Chinese state-backed hackers.
Hackers believed to be inside network for over a year
“These same risks extend to any organization using this technology, potentially leading to a catastrophic compromise of critical information systems,” CISA acting Director Madhu Gottumukkala said in a statement, without specifying who was behind the hack.
The two people briefed on the investigation said the hackers were inside F5’s network for more than a year.