HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 9 MINUTES AGO.
You are here: Home / Network Security / Report Ties Attacks to China Military
Druva Endpoint Backup:
Enterprises Realize Simple Secure Backup with Druva
www.druva.com
Security Firm Ties Cyber-Attacks to China Military Unit
Security Firm Ties Cyber-Attacks to China Military Unit
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
FEBRUARY
19
2013


The Chinese military appears to be hacking into U.S. interests. Mandiant, a security firm The New York Times hired, just released a 60-page report that alleges members of "Comment Crew" and "Shanghai Group" have been tied to a 12-story building that's connected with the People's Liberation Army Unit 61398.

Mandiant's analysis led the firm to conclude that the APT1, a prolific cyber-espionage group that has conducted attacks on a number of victims since at least 2006, is likely sponsored by the Chinese government and is one of the most persistent of China's threat actors.

"APT1 focuses on compromising organizations across a broad range of industries in English-speaking countries," Mandiant said. "APT1 has systematically stolen hundreds of terabytes of data from at least 141 organizations."

Possibly Hundreds Involved

According to Mandiant, APT1 maintains an extensive infrastructure of computer systems around the world. In over 97 percent of the 1,905 times Mandiant observed APT1 intruders connecting to their attack infrastructure, APT1 used IP addresses registered in Shanghai and systems set to use the Simplified Chinese language.

The size of APT1's infrastructure implies a large organization with at least dozens, but potentially hundreds of human operators. In an effort to underscore that there are actual individuals behind the keyboard, the Mandiant reveals three personas that are associated with APT1 activity. Mandiant is also releasing more than 3,000 indicators to bolster defenses against APT1 operations.

"These issues with China are escalating, and at some point other countries have to acknowledge what appears to be a foreign country attacking their corporate citizens," said Alex Horan, senior product manager, CORE Security. "It feels like we've reach a tipping point here. The evidence is clear and the U.S. government will have to formally respond."

Jumping the Gun?

Graham Cluley, a senior security analyst at Sophos, said it shouldn't be forgotten that The New York Times was recently hacked and pointed the finger of blame firmly in the direction of China.

In late January, the Times reported criminals had stolen passwords for its reporters and other employees. The Wall Street Journal reported a similar incident the next day. But Cluley is warning to proceed with caution.

"As we've discussed before, attribution is the key problem in these stories. How can you prove that country X was behind an Internet attack rather than, say, a patriotic hacker working from his back bedroom, or a hijacked PC controlled by a hacker in a different country?" Cluley asked in a blog post.

"At the same time, we shouldn't be naive. Countries around the world (not just the Chinese) are using the Internet to spy on each other and gain advantage, whether it be political, financial or military. Mandiant has certainly put together a hefty report -- and it's well worth a read. Naturally, the Chinese government has debunked the claims."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
In late breaking news on Thursday, an unnamed U.S. government official told the press that investigators have solved the vexing question of how Sony’s computer network was hacked.

ENTERPRISE HARDWARE SPOTLIGHT
Almost half of consumer, industry and life sciences manufacturers are expected to be using 3D printers within three years and now 3D printing services are aiming to help companies experiment.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.