Who should be blamed for the surging malicious exploits against US corporations and organizations over the last few years? Look no further than the People's Liberation Army of the People's Republic of China. Or, at least, that particular army unit that operates out of a downbeat office block in a suburb of Shanghai.
Regular readers will remember that Iran was getting the blame last month for a series of attacks on US financial institutions. But this doesn't just mean the news media is fickle in handing out blame. These latest accusations arise from a report published Tuesday by the security vendor Mandiant, which states:
"APT1 is likely government-sponsored and one of the most persistent of China's cyber threat actors. We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support."
No prizes for guessing that:
"People's Liberation Army (PLA's) Unit 61398 is similar to APT1 in its mission, capabilities, and resources. PLA Unit 61398 is also located in precisely the same area from which APT1 activity appears to originate."
Which brings us back to that office block.
Mandiant, the company that aided The New York Times in investigating its own recent hacking, is Kevin Mandia's creation. Mandia is not only a former Pentagon security officer, but also a former special investigator with the US Air Force.
The report is impressively thorough, and at least the information on which the allegations are based is transparently offered. In the case of the Iran accusations, we were offered little more than unattributed citations to government officials.
Whether China, Iran, or nongovernment actors are responsible, US enterprises should certainly be on notice, as never before, that their networks are being infiltrated with malicious intent. After all, if Burger King's Twitter feed can succumb ("Just got sold to McDonalds... FREDOM IS FAILURE" [sic]), nothing is sacred.
Back in 2011, McAfee was warning: "Every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact." Eighteen months later, is the enterprise any closer to a solution -- or improved defenses, at least? Perhaps more importantly, are we any closer to securing vital networks like the power grid?
You see, at the end of the day, what matters is not so much whether the People's Liberation Army is running exploits against The New York Times or whether the Leader of the Revolution (in Iran) is personally going under the handle "Martyr Izz ad-Din al-Qassam Cyber Fighters."
After all, it might be in US interests to make these accusations stick. It might be in China's interests to direct US attention toward Iran, or vice versa. And, of course, it might be in some third party's interest to stir trouble.
What matters to enterprises and organizations is security, and that begins at home.
@Kim, thanks for the post. I think the best response to this would be to hack the hackers. The US should build a team of hackers who are constantly monitoring these hackers through IP and should prevent any future hacking attempts.
I don't believe the Times is consciously a vehicle for disinformation, but there's certainly disinformation out there which the Times, like any other news organization, is capable of reproducing. Iraq is a good example.
I am sorry, I might sound a little bit paranoid, but when they say these are hackers from China, or these are hackers from Iran, or these are bad guys from another country we don't like, how can you be sure that these ARE people from Iran or China and these attacks are real, and that's not just another attempt of Mass Media to strengthen the image of the main American enemy, if James Bond doesn't fight Russians, Northern Koreans or Islamic terrorists anymore?
Schneier's thinking is always stimulating, but I think the problem here is what the cyberespionage capacities imply for cyberwar capacities. And while I don't think we should be prompted not to engage in a cyber arms race, I do think we should get real about cyberdefenses.
Respected security blogger Bruce Schneier notes that what the Chinese are doing isn't cyberwarfare so much as cyberespionage -- and espionage is business as usual for nations. "These attacks happen all the time, and just because the media is reporting about them with greater frequency doesn't mean that they're happening with greater frequency." He says the military is going for a greater power grab in cyberspace. "I don't see any good coming from this."
Thanks for providing these New York Times articles. A lot of times we hear about Chinese hackers, but this level of detail really puts a mental picture in my mind. We're battling a new kind of war that I don't think is being given the proper attention it deserves. I'm not quite understanding why the United States is not doing more to take on the Chinese - although maybe we are and it is being kept covert.