Nation-state espionage group breaches Alaska Department of Health

arstechnica.com
2 min read
fairly difficult
Fallout continues from an advanced persistent threat first detected in May 2021.
Last week, Alaska's Department of Health and Social Services (DHSS) disclosed a security breach apparently made by a sophisticated nation state-level attacker.

According to DHSS—which contracted with well-known security firm Mandiant to investigate the breach—the attackers gained a foothold inside DHSS' network via one of its public-facing websites, from which it pivoted to deeper resources.

A months-long saga

This is not the first report of the DHSS breach. The organization first publicly announced the intrusion on May 18, with a June update announcing a multipronged investigation, and one more in August on completion of the first of three investigatory steps.

In the August update, DHSS disclosed that Mandiant—a subset of larger infosec firm FireEye—completed its initial investigation and concluded that the intrusion was a direct, sophisticated attack rather than a simple drive-by ransomware infestation. "The type of group behind this disruptive attack is a very serious operation with advanced capabilities," said DHSS Commissioner Adam…
Read full article