Targeting of U.S. federal civilian agency
Date of report
  • March 2023
Chinese threat actor Hafnium attacked an unnamed U.S. government civilian agency from August to January 2023. Hafnium exploited a known vulnerability in software in the agency’s Microsoft Internet Information Services (IIS) web server.
Suspected victims
  • U.S. federal agency
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Government
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response