HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 14 MINUTES AGO.
You are here: Home / Network Security / China Hackers Resume U.S. Attacks
Chinese Hackers Resume Attacks on U.S. Targets
Chinese Hackers Resume Attacks on U.S. Targets
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MAY
20
2013
Hackers commissioned by a cyber unit of the People's Liberation Army in China have been quiet in recent months after evidence surfaced that the crooks had stolen data from U.S government agencies and companies. But The New York Times is reporting that the group is once again on the cyber warpath with new strategies.

The Times is citing American security experts and officials as its source. Mandiant, the firm that issued a report on Chinese hackers in February, is one of those security experts. Although the firm declined to identify the targets, the Times reports Mandiant saying the victims were many of the same ones Unit 61398 previously attacked.

"In interviews, Obama administration officials said they were not surprised by the resumption of the hacking activity," the Times reported. "One senior official said Friday that 'this is something we are going to have to come back at time and again with the Chinese leadership,' who, he said, 'have to be convinced there is a real cost to this kind of activity.' "

$873 Million in Damage

Security firms also have a close eye on the news. Jim Butterworth, chief security officer at HBGary, told us the fact that these hackers have resumed their attacks is not surprising.

"Every day we see adversaries adapt their attack methods to avoid detection and remain persistent in the networks," Butterworth says. "These attackers are highly motivated and well-funded and will not be easily deterred, which is why organizations need to consistently and effectively perform the five key phases of incident response: detection, validation, response, mitigation and adapt and prepare."

According to a report from the Financial Times, hackers who call China their home base did $873 million in damage to the Chinese economy in 2011. Financial Times writer Kathrin Hille says reports that the country "has no equivalent of Mandiant yet" and that its leading Internet security firms "have no ambition in investing in forensics, the capability that supports long-term, in-depth analysis of the origin, structure and technical detail of past attacks that is being built by firms such as Symantec or TrendMicro."

Long-Term Problem

Mandiant's February analysis led the firm to conclude that the APT1, a prolific cyber-espionage group that is believed to be part of the Chinese military's Unit 61398, has conducted attacks on a number of victims since at least 2006, is likely sponsored by the Chinese government and is one of the most persistent of China's threat actors.

According to Mandiant, APT1 maintains an extensive infrastructure of computer systems around the world. In over 97 percent of the 1,905 times Mandiant observed APT1 intruders connecting to their attack infrastructure, APT1 used IP addresses registered in Shanghai and systems set to use the Simplified Chinese language.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.