Chinese Army hacks 141 firms; shadowy Unit 61398 fingered
By Richi Jennings February 19, 2013 6:22 AM EST http://blogs.computerworld.com/cyberwarfare/21799/chinese-army-hacks-141-firms-shadowy-unit-61398-fingered-itbwcw
What is "Unit 61398"?
Who are "Byzantine Candor"? Where is it based? Why is the Chinese government said to be stealing companies' intellectual property? A security group says it knows, and warns of advanced, persistent threats to national security from the People's Republic.
In IT Blogwatch, bloggers examine new PRC APT allegations.
Your humble blogwatcher curated these bloggy bits for your entertainment.
John Ribeiro points the finger at the part of the Chinese Army that's allegedly responsible:
...specifically a unit that goes under the cover name "Unit 61398." ... Unit 61398 is said to be located in a 130,663 square-foot building on Datong Road in Gaoqiaozhen...Shanghai. ... The group has a sinister track record, according to Mandiant...compromis[ing] 141 companies spanning 20 major industries. ... Once the group has established access, it periodically revisits the victim's network...to steal a variety of intellectual property...Mandiant said. ... China's Foreign Ministry said...the nation is firmly opposed to hacking.
Ben Blanchard and Joseph Menn have more:
The Chinese Foreign Ministry said...it doubted the evidence provided in the report. ... "We don't know how the evidence in this so-called report can be tenable," spokesman Hong Lei [said]. "Arbitrary criticism based on rudimentary data is irresponsible." ... Most of the victims were [said to be] located in the United States. ... The information stolen ranged from details on mergers and acquisitions to the emails of senior employees. ... U.S. officials have complained in the past to China about sanctioned trade-secret theft, but have had a limited public record to point to.
Mandiant's Dan McWhorter opens the kimono:
[We] released an unprecedented report exposing APT1's multi-year, enterprise-scale computer espionage campaign. [It's] one of dozens of threat groups [but] one of the most prolific. ... The decision to publish a significant part of our intelligence about Unit 61398 was a painstaking one. ... It is time to acknowledge the threat is originating from China, and we wanted to do our part. ... Without establishing a solid connection to China, there will always be room...to dismiss APT actions as...peripheral to larger national security and global economic concerns.
Adam Clark Estes waxes alarming:
Remember that scary...column Obama wrote last year, describing...a crippling cyber attack that shut down our power grid and poisoned our water? ... The level of detail in [the] report is intimidating...horrifying for the hackers implicated. ... The unit's more commonly known as the "Comment Crew" or the "Shanghai Group." ...a diplomatic cable released by WikiLeaks...detailed the group's activity. ...at this point, it seems impossible not to include China on the list of suspects.