Chinese military is behind hacking attacks

[W.G.Ewald]

Security group suspects Chinese military is behind hacking attacks | Reuters

A secretive Chinese military unit is believed to be behind a series of hacking attacks, a U.S. computer security company said, prompting a strong denial by China and accusations that it was in fact the victim of U.S. hacking.

The company, Mandiant, identified the People's Liberation Army's Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries.

"The nature of 'Unit 61398's' work is considered by China to be a state secret; however, we believe it engages in harmful 'Computer Network Operations'," Mandiant said in a report released in the United States on Monday.

 

[Blackwater]

So hacking and coping are two fundamental achievements of china in 21 century

Third is fundamental mistake of 21st century Guess what??

 

[s002wjh]

So hacking and coping are two fundamental achievements of china in 21 century

Third is fundamental mistake of 21st century Guess what??

you are naive to think india or any other country is not doing the same

 

[W.G.Ewald]

Is this China's hacker headquarters? | Video | Reuters.com

 

[LETHALFORCE]

Does China Have an Army of Hackers? : The New Yorker

DOES CHINA HAVE AN ARMY OF HACKERS?

 

[ice berg]

Wow, China got hackers! just wow. What has the world come to. What is next, US got hackers too?!?

Good that we have companies like what was the name again, oh yah Mandiant to protect us.

Buy more security solutions from us.

Sorry, cant help myself. :cool2:

 

[W.G.Ewald]

Mandiant® - Detect. Respond. Contain.

A look at Mandiant, allegations on China hacking - SFGate

Mandiant in the spotlight as cyber attacks on companies increase - The Washington Post

Mandiant Report Chinese Hacking - Business Insider

The Chinese army appears to be conducting cyberhacking and espionage against large U.S. corporations, according to an extensive report from computer security firm Mandiant.

The report even identifies the unit and the building behind the cyberwar.

Beijing has long been suspected of espionage costing global corporations billions of dollars — such as when a hacking incident at Lockheed Martin was followed by the appearance of suspiciously familiar Chinese jets — though it was hard to find evidence.

Indeed, it makes sense that China, in its breakneck push to become a world power, would use all available technology to catch the west.

Following Mandiant's 75-page report, however, the cyberwar is all but official.

We have distilled the alarming report and posted it below.

According to Mandiant, what China's hacking program coordinators do is seek students with outstanding English skills who are handpicked for "Advanced Persistent Threat" training (APT). The APT teams are broken down into groups and divided among locations in and around Shanghai, universities, commercial corridors, and largely innocuous places.

Wherever they go, each team is assigned a Military Unit Cover Designator (MUCD). The MUCD is a five-digit number by which the unit, its people, its location, and its work is referred to. The designation makes the teams more difficult to isolate and track.

MUCDs report all the way up to the Chinese equivalent to the Joint Chiefs of Staff, according to Mandiant. That implies this practice is part of China's overt military policy against foreign nations.

Mandiant offers an example of the type of expertise required:

Covert communications
English linguistics
Operating system internals
Digital signal processing
Network security

The needs are then broken down further into Profession Codes — such as 080902 for Circuits & Systems — Required Proficiencies — such as 101 for political, 201 for English, etc.

With hundreds or thousands of these teams lined up, the Chinese start phishing for passwords, according to Mandiant. The teams have refined and perfected dialogue, slang, and responses that appear nearly seamless to the colleagues they're trying to impersonate. In the beginning it all looks just like this:

Read more: Mandiant Report Chinese Hacking - Business Insider

 

[W.G.Ewald]

Mandiant APT1 Report

 

[s002wjh]

its the old fashion espionage tic tac toe between 2 countries except with internet. i'm sure us/india/russia and other hire thousands software engineer/hackers to defend and infiltrate other country network.

 

[W.G.Ewald]

its the old fashion espionage tic tac toe between 2 countries except with internet. i'm sure us/india/russia and other hire thousands software engineer/hackers to defend and infiltrate other country network.

Still there should be penalties where economic damage is done.

 

[Spindrift]

Mandiant revealed Chinese APT1 Cyber Espionage campaign - Hacking News

http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf

 

[bengalraider]

The source has been traced.

Cyber-assault HQ: how US is under attack from this office in Shanghai - Asia - World - The Independent

Cyber-assault HQ: how US is under attack from this office in Shanghai

Online security firm traces breaches to building occupied by Chinese military

David Usborne

Tuesday, 19 February 2013
A barrage of malicious cyber-attacks against computer networks in the United States and other countries over several years has been sourced by a private US security firm to a single building on the fringes of Shanghai, which, it says, is occupied by the Chinese military.


A 60-page report released by Mandiant, a Virginia-based firm that specialises in cyber-espionage, concludes that hundreds or perhaps thousands of English-speaking Chinese computer experts toil daily inside the anonymous-looking 12-storey building in the Pudong district of Shanghai. 'Unit 61398', as it is known, hacks into foreign networks on behalf of the People's Liberation Army (PLA), Mandiant alleges.

"The nature of Unit 61398's work is considered by China to be a state secret; however, we believe it engages in harmful computer network operations," the security firm said in the report, which drew instant rebukes from the Chinese government. "It is time to acknowledge the threat that is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively."

The company asserted that the unit, one of several in China believed to be involved in invading overseas computer systems, had "stolen hundreds of terabytes of data from at least 141 organisations across a diverse set of industries beginning as early as 2006". While most of the activity targeted corporations in the United States are smaller number is located in Canada and Britain, it said.

Cyber-espionage is becoming an increasingly urgent worry in Washington. The concern is not just that China, as well any number of other countries, is successfully stealing corporate information – for example merger plans, design blueprints, pricing documents or negotiating strategies – but that it is developing the capacity to sabotage physical infrastructure networks in the US like gas pipelines or power grids.

"In the cold war, we were focused every day on the nuclear command centres around Moscow," one senior defence official was cited as saying by the New York Times, which first revealed the contents of the Mandiant report. "Today, it's fair to say that we worry as much about the computer servers in Shanghai."

President Barack Obama included a call to arms to confront the cyber-threat in his State of the Union address last week. "We know foreign countries and companies swipe our corporate secrets," he said. "Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air-traffic control systems. We cannot look back years from now and wonder why we did nothing."

Beijing continues to deny sanctioning such activity. "Hacking attacks are transnational and anonymous," foreign ministry spokesman Hong Lei said. "Determining their origins are extremely difficult. We don't know how the evidence in this so-called report can be tenable." When BBC journalists approached the building they were briefly detained and forced to relinquish their footage.

Unit 61398 has been known both to private cyber-security firms as well as US intelligence for a while and is sometimes referred as the 'Comment Crew' because it has been known to infiltrate online forums and leave comments. The Mandiant report does not name any victims but says that the 141 companies already infiltrated span 20 major industries.

American companies known to have been targeted by Comment Crew, however, include Coca Cola at a time when it was considering a take-over of a Chinese juice company and RSA, a technology company that creates computer codes to protect confidential corporate and government databases. Alarm bells sounded last September when a unit of Telvent which supplies equipment enabling utility companies remotely to operate valves and switches on gas and oil networks had been invaded by unidentified cyber-intruders.

Responding to the report, White House spokeswoman Caitlin Hayden reiterated only that the United States "has substantial and growing concerns about the threats to U.S. economic and national security posed by cyber intrusions, including the theft of commercial information."

The Mandiant report acknowledges that while it has traced assorted cyber-intrusions to servers precisely in the rather run-down district of Pudong where the building occupied by Unit 61398 stands, it cannot be certain they are actually within its walls. But to suppose they are not is barely plausible, the firm says.

 

[satish007]

the building localed in Gaoqiao town.
a document shows they call the building Gaoqiao front or Gaoqiao position.

Good catch, US cyber solder.
hopefully Chinese cyber soldiers also have "Distinguished Warfare Medal "

Chinese hacker looks naive before US.
The Pentagon sparked an uproar among troops and veterans this week when it revealed that a new high-level medal honoring drone pilots will rank above some traditional combat valor medals in the military's "order of precedence."

 

[Ray]

It appears that the Chinese are serious about all aspects of warfare and are poised to overtake all of the world to achieve global supremacy.

Good luck to the Chinese.

 

[s002wjh]

Still there should be penalties where economic damage is done.

any espoiniage will have some damage, for example soviet/israel spy steal technology/intel in US, and vice versa. the best way is to defend such attack and upgrade our own offense

 

[s002wjh]

It appears that the Chinese are serious about all aspects of warfare and are poised to overtake all of the world to achieve global supremacy.

Good luck to the Chinese.

i doubt china cyber-warfare is capable as the US. US afterall invent internet, and is still the top techonlogical/information country in the world.

 

[W.G.Ewald]

Chinese cyber-attacks: Hello, Unit 61398 | The Economist

AN AMERICAN information-security firm has identified a secretive Chinese military unit as the likely source of hacking attacks against more than a hundred companies around the world. In a report made public on Tuesday, the firm, Mandiant, based in Alexandria, Virginia, said it could now back up suspicions it first reported in more qualified form in 2010.

The firm had said then the Chinese government may have authorised the hacking activity it had traced to China, but that there was "no way to determine the extent" of official involvement. In its new report, Mandiant upgrades its assessment. "The details we have analysed during hundreds of investigations convince us that the groups conducting these activities are based primarily in China and that the Chinese government is aware of them," the report said.

China's government has denied the allegations. Hong Lei, a spokesman for China's foreign ministry, said on February 19th that China has itself been a victim of cyber-attacks, and that it enforces laws that ban such activity. "Groundless criticism is irresponsible and unprofessional, and it will not help to solve the problem," he said of the Mandiant report.

According to the report, a Shanghai-based unit of the People's Liberation Army General Staff Department, known as Unit 61398, is staffed by hundreds and possibly thousands of people specially trained in network security, digital signal processing, covert communications and English linguistics. The unit's 12-storey building (pictured above) has been equipped with special fibre-optic communications infrastructure "in the name of national defence".

 

[Ray]

i doubt china cyber-warfare is capable as the US. US afterall invent internet, and is still the top techonlogical/information country in the world.

I don't think one can underestimate China.

 

[no smoking]

Chinese cyber-attacks: Hello, Unit 61398 | The Economist

So, basically this unknown US "security firm" just said:"We found some hacking activities coming from China so we believe these activities are supported by PLA even though we don't have any evidence".

 

[W.G.Ewald]

So, basically this unknown US "security firm" just said:"We found some hacking activities coming from China so we believe these activities are supported by PLA even though we don't have any evidence".

Can you actually refute what the Mandiant Report said (after you read it, that is)?

The Mandiant Report is not the sole source of evidence for hacking by China or PLA, I would say.

But let's keep the thread going as the story develops.