START A PETITION 25,136,189 members: the world's largest community for good
START A PETITION
x

Video:Report Ties Cyberattacks on U.S. Computers to Chinese Military


Science & Tech  (tags: china, usa, world, ethics, media, politics, news, NewTechnology, technology, tech, study, investigation, computers )

JL
- 524 days ago - washingtonpost.com
A U.S. security firm has linked China's military to cyberattacks on more than 140 U.S. and other foreign corporations and entities, according to a report released Tuesday



Select names from your address book   |   Help
   

We hate spam. We do not sell or share the email addresses you provide.

Comments

JL A. (272)
Wednesday February 20, 2013, 8:58 am
Report ties cyberattacks on U.S. computers to Chinese military
By William Wan and Ellen Nakashima, Published: February 19

BEIJING — A U.S. security firm has linked China’s military to cyberattacks on more than 140 U.S. and other foreign corporations and entities, according to a report released Tuesday.

The 60-page study by investigators at the Alexandria-based Mandiant security firm presents one of the most comprehensive and detailed analyses to date tracing corporate cyber-espionage to the doorstep of Chinese military facilities. And it calls into question China’s repeated denials that its military is engaged in such activities.

The document, first reported by the New York Times, draws on information that Mandiant collected from what the company said was the systematic theft of data from at least 141 organizations over seven years. Mandiant traced the attacks back to a single group it designated “Advanced Persistent Threat 1,” or “APT1,” and now has identified the group as a Chinese military unit within the 2nd Bureau of the People’s Liberation Army General Staff Department’s 3rd Department, code named “Unit 61398.”

Although most of the targets were U.S. companies, a Mandiant official said APT1 also hit about a dozen entities that he described as smaller U.S. local, state and federal government agencies and international governmental organizations overseas.

Senior U.S. officials, including President Obama, have raised the issue of Chinese cyber attacks on commercial targets over the past year. White House press secretary Jay Carney declined to address the Mandiant report, but he said, “We have repeatedly raised our concerns at highest levels about cybertheft with senior Chinese officials, including the military, and we will continue to do so.”

Analysts have long linked the unit to the Chinese military’s 3rd Department, and to extensive cyber-espionage. But what Mandiant has done is connect the dots and add new ones by locating the Internet protocol addresses used in commercial cyberattacks, placing them on a map and linking that information to open-source data about people associated with the unit.

“Since 2006, Mandiant has observed APT1 compromise 141 companies spanning 20 major industries,” the firm said in its report. Of those victims, 87 percent “are headquartered in countries where English is the native language,” it said.

Mandiant did not name the victims but said 115 of them are located in the United States, two in Canada and five in Britain. Of the 19 others, all but two operate in English.

One apparent victim was Telvent, a Madrid-based technology company with U.S. headquarters in Rockville that enables energy suppliers and others to remotely control their operations, security researchers and company officials said. Telvent helps manage 60 percent of the flow of hydrocarbons in North America and Latin America, according to its Web site. Technology made by the company, owned by Schneider Electric, also helps control and monitor power grids around the world.

Separately Tuesday, Apple Inc. said the same hackers who targeted Facebook last month have also gone after Apple and infiltrated a small number of the company’s computers. Neither company publicly identified the nationality of the hackers.

The top sectors targeted by the APT1 cyber-espionage campaign, Mandiant said, are information technology, aerospace, public administration, satellites and telecommunications, and scientific research and consulting.

“We have figured things out in an unclassified way that the government has known through classified means,” said Richard Bejtlich, Mandiant chief security officer, adding that the company shared the study with U.S. intelligence agencies before it was released.

The unit is just one of dozens working for the Chinese military in cyber-espionage all over the country, analysts say. There are other units within the General Staff Department’s 2nd Department, which conducts military intelligence, and within the Ministry of State Security, which conducts internal counterintelligence and external espionage, according to analysts.

APT1, also dubbed “Comment Crew” by security companies that have studied its tactics, focuses on commercial targets overseas, which makes its work more visible to the security firms tracking the intrusions. Chinese units that focus on military and intelligence targets are less visible to the cybersecurity companies.

The Chinese military has repeatedly denounced accusations that it is engaging in cyber-espionage, and did so again Tuesday.

“Similar to other countries, China faces serious threats from cyberattack and is one of the main victims of cyberattacks in the world,” the Ministry of Defense said. “The Chinese army never supported any hacking activities. The accusation that the Chinese military engaged in cyberattacks is neither professional nor in accordance with facts. “

Chinese Foreign Ministry spokesman Hong Lei on Tuesday also challenged the report’s findings. “Hacking attacks are transnational and anonymous,” and determining their origins is extremely difficult, he said. “We don’t know how the evidence in this so-called report can be tenable.”

Mandiant investigators said they based their conclusion in part by tracing an overwhelming number of cyberattacks by the APT1 group to networks serving a small area on the edges of Shanghai — the same area where Unit 61398 is believed to be operating in a 12-story building. It also found evidence that China Telecom had provided special high-speed fiber optic lines for those headquarters in the name of national defense.

The Mandiant report echoed a classified National Intelligence Estimate by the U.S. intelligence community that concluded that China was the most aggressive perpetrator of a massive campaign of cyber-espionage against commercial targets in the United States.

Nakashima reported from Washington. William Branigin in Washington contributed to this report.
 

Carol D. (104)
Wednesday February 20, 2013, 1:08 pm
Sly lot these Chinese .Who are they trying to kid.Do they take the American computer experts for imbeciles If they traced 1 person before trying to hack into the pentagon from Uk I think they know what they are doing. Wake up China You've been found out! If you are not allowed to go there they know you cant prove anything. Dont trust them ever again

Noted Thanks
 

Michael Kirkby (83)
Wednesday February 20, 2013, 1:51 pm
Ask the Swiss bankers who hummed and hawed about releasing certain bank accounts of a wanted terrorist. They changed their tune when the NRA started unpacking their equipment and were told not to bother coming in to work next morning as there would be no funds available. The Chinese are good but watch what happens when the NRA are unleashed and the gloves come off. Yippee ai o kai ay....
 

JL A. (272)
Wednesday February 20, 2013, 2:20 pm
You cannot currently send a star to Carol because you have done so within the last week.
You cannot currently send a star to Michael because you have done so within the last week.
 

paul m. (93)
Thursday February 21, 2013, 2:04 am

Noted..
 
Or, log in with your
Facebook account:
Please add your comment: (plain text only please. Allowable HTML: <a>)

Track Comments: Notify me with a personal message when other people comment on this story


Loading Noted By...Please Wait

 

 
Content and comments expressed here are the opinions of Care2 users and not necessarily that of Care2.com or its affiliates.