Tag Archives: China

ShutterstockChina##Q##s military has said that overseas computer hackers targeted two of its websites an average of 144,000 times per month last year, with almost two-thirds of the attacks originating in the United States.

The claim from Defense Ministry spokesman Geng Yansheng follows accusations last week by American cybersecurity company Mandiant that Chinese military-backed cyberspies infiltrated overseas networks and stole massive amounts of data from U.S. companies and other entities. China denied the allegations, and its military said it has never supported any hacking activity.

Geng told reporters at a monthly news conference that an average of 62.9 percent of the attacks on the Defense Ministry##Q##s official website and that of its newspaper, the People##Q##s Liberation Army Daily, came from the U.S.

“Like other countries, China faces a serious threat from hacking and is one of the primary victims of hacking in the world,” Geng said. “Numbers of attacks have been on the rise in recent years.”

Geng attacked the Mandiant report, which blamed hacking on the People##Q##s Liberation Army##Q##s Shanghai-based Unit 61398, as “unprofessional and not in accordance with the facts.” He also criticized the U.S. military##Q##s cyber command for impeding international efforts at controlling hacking.

The Mandiant report was widely praised by cybersecurity professionals interviewed by The Associated Press, who said it provided the most detailed picture yet of China##Q##s state-sponsored hacking efforts.

China Says US-based Hackers Target Its Websites | DFI News.

 Courtesy of AP Photo/Yves Logghe U.S. Secretary of Defense Leon Panetta, left, talks with Britain’s Secretary of State for Defence Philip Hammond, during a two-day NATO defense ministers meeting to discuss Syria and Afghanistan, at NATO headquarters in Brussels, Thursday, Feb. 21, 2013. The head of NATO urged member countries Thursday to stop cutting their defense budgets in response to tough economic times, saying continued reductions will compromise the safety of all of the military alliance’s 28 members. Courtesy of AP Photo/Yves Logghe

With cyberthreats escalating, the next meeting of NATO defense ministers will include a major focus on cybersecurity, Secretary of Defense Leon Panetta said.

Panetta said he called on NATO to address the issue, as the cyberthreat from other nations and hackers continues to grow.

“We are seeing continuing attacks in the cyber arena, on the private sector, on the public sector, in the defense arena,” Panetta told reporters as the two-day NATO ministerial here wrapped up. “This is without question the battlefield of the future and a scenario that NATO needs to pay attention to.”

His comments come in the wake of a new report by a private cybersecurity firm that concluded that a special unit of China‘s military is responsible for sustained cyberespionage against U.S. companies and government agencies. China has denied involvement in the attacks in which massive amounts of data and corporate trade secrets, likely worth hundreds of millions of dollars, were stolen.

U.S. government officials have said that nations around the world must work together in order to tackle the growing cyberthreats. To date there are no broadly accepted rules that describe what constitutes a cyberact of war or the parameters of the battlefield in cyberspace. Nations also have widely disparate laws governing Internet crime.

NATO Meeting Will Focus on Cybersecurity | DFI News.

ShutterstockWesley McGrew, a research assistant at Mississippi State Univ., may be among the few people thrilled with the latest grim report into a years-long hacking campaign against dozens of U.S. companies and organizations.

But McGrew’s interest is purely academic: He teaches a reverse engineering class at the university, training 14 computer science and engineering students how to analyze malicious software.

Part of the curriculum for his class will involve analyzing malware samples identified in a report from security vendor Mandiant, which alleged a branch of the Chinese military called “Unit 61398” ran a massive hacking campaign that struck 141 organizations over the last seven years.

Mandiant’s report is fueling a diplomatic crisis between the U.S. and China, but it will also provide a learning opportunity for future computer security experts.

US Students Get Cracking on Chinese Malware Code | DFI News.

ShutterstockEvidence of an unrelenting campaign of cyberstealing linked to the Chinese government is prompting the Obama administration to develop more aggressive responses to the theft of U.S. government data and corporate trade secrets.

A report being released considers fines and other trade actions against China or any other country guilty of cyber-espionage. Officials familiar with the administration’s plans spoke on condition of anonymity because they were not authorized to speak publicly about the threatened action.

The Chinese government denies being involved in the cyberattacks cited in a cybersecurity firm’s analysis of breaches that compromised more than 140 companies. China‘s Defense Ministry called the report deeply flawed.

Mandiant, a Virginia-based cybersecurity firm, has released a torrent of details that tied a secret Chinese military unit in Shanghai to years of cyberattacks against U.S. companies. Mandiant concluded that the breaches can be linked to the People’s Liberation Army’s Unit 61398.

Military experts believe the unit is part of the People’s Liberation Army’s cybercommand, which is under the direct authority of the General Staff Department, China‘s version of the Joint Chiefs of Staff. As such, its activities would be likely to be authorized at the highest levels of China‘s military.

The release of the Mandiant report, complete with details on three of the alleged hackers and photographs of one of the military unit’s buildings in Shanghai, makes public what U.S. authorities have said less publicly for years. But it also increases the pressure on the U.S. to take more forceful action against the Chinese for what experts say has been years of systematic espionage.

“If the Chinese government flew planes into our airspace, our planes would escort them away. If it happened two, three or four times, the president would be on the phone and there would be threats of retaliation,” said Shawn Henry, former FBI executive assistant director. “This is happening thousands of times a day. There needs to be some definition of where the red line is and what the repercussions would be.”

Henry, the president of the security firm CrowdStrike, said that rather than tell companies to increase their cybersecurity, the government needs to focus more on how to deter the hackers and the nations that are backing them.

James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said that in the past year the White House has been taking a serious look at responding to China. “This will be the year they will put more pressure on, even while realizing it will be hard for the Chinese to change. There’s not an on-off switch,” Lewis said.

In denying involvement in the cyberattacks tracked by Mandiant, China‘s Foreign Ministry said China too has been a victim of hacking, some of it traced to the U.S. Foreign Ministry spokesman Hong Lei cited a report by an agency under the Ministry of Information Technology and Industry that said that in 2012 alone foreign hackers used viruses and other malicious software to seize control of 1,400 computers in China and 38,000 websites.

“Among the above attacks, those from the U.S. numbered the most,” Hong said at a daily media briefing, lodging the most specific allegations the Chinese government has made about foreign hacking.

Cybersecurity experts say U.S. authorities do not conduct similar attacks or steal data from Chinese companies but acknowledge that intelligence agencies routinely spy on other countries.

China is clearly a target of interest, said Lewis, noting that the U.S. would be interested in Beijing‘s military policies, such as any plans for action against Taiwan or Japan.

In its report, Mandiant said it traced the hacking back to a neighborhood in the outskirts of Shanghai that includes a white 12-story office building run by the army’s Unit 61398.

Mandiant said there are only two viable conclusions about the involvement of the Chinese military in the cyberattacks: Either Unit 61398 is responsible for the persistent attacks, or they are being done by a secret organization of Chinese speakers, with direct access to the Shanghai telecommunications infrastructure, who are engaged in a multi-year espionage campaign being run right outside the military unit’s gates.

“In a state that rigorously monitors Internet use, it is highly unlikely that the Chinese government is unaware of an attack group that operates from the Pudong New Area of Shanghai,” the Mandiant report said, concluding that the only way the group could function is with the “full knowledge and cooperation” of the Beijing government.

The unit “has systematically stolen hundreds of terabytes of data from at least 141 organizations,” Mandiant wrote. A terabyte is 1,000 gigabytes. The most popular version of the new iPhone 5, for example, has 16 gigabytes of space, while the more expensive iPads have as much as 64 gigabytes of space. The U.S. Library of Congress’ 2006-10 Twitter archive of about 170 billion tweets totals 133.2 terabytes.

Administration Developing Penalties for Cybertheft | DFI News.

Naked SecuritySecurity researchers at Mandiant have published a lengthy report [PDF], which appears to track a notorious hacking gang right to the door of a building belonging to the People’s Liberation Army of China.

In its report, Mandiant says it believes it has traced a series of attacks back to the Pudong New Area on the outskirts of Shanghai, the same location as a 130,663 square foot PLA facility known as “Unit 61398.”

Unit 61398 staff are said to have been trained in computer security, and are required to be proficient in the English language.

The report has caught the attention of the world’s media, after The New York Times published a detailed story about the report.

Unit 61398: A Chinese Cyber Espionage Unit on the Outskirts of Shanghai? | DFI News.