A shadowy Chinese army unit is to blame for many of the most effective cyberattacks against the United States, argues a leading cybersecurity firm in a new report.
Security firm Mandiant outed the unit Tuesday in a report issued after tracking individual members of a top Chinese hacking group, which it identifies as "APT1," for six years. Mandiant concluded the group is working with assistance from the Chinese government and is likely People's Liberation Army Unit 61398, a unit dedicated to cyberwar and corporate espionage on the behalf of the Chinese government.
"Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China’s cyber threat actors," reads Mandiant's report. "We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support."
"In seeking to identify the organization behind this activity, our research found that People’s Liberation Army (PLA’s) Unit 61398 is similar to APT1 in its mission, capabilities, and resources," Mandiant continued. "PLA Unit 61398 is also located in precisely the same area from which APT1 activity appears to originate."
Maidiant did, tongue in cheek, admit "one other unlikely possibility" — that APT1 is "a secret, resourced organization full of mainland Chinese speakers with direct access to Shanghai-based telecommunications infrastructure is engaged in a multi-year, enterprise scale computer espionage campaign right outside of Unit 61398’s gates, performing tasks similar to Unit 61398’s known mission."
Mandiant first shared its new report with The New York Times, which reported that other security firms as well as at least some in the U.S. intelligence community believe "these hacking groups are either run by army officers or are contractors working for commands like Unit 61398."
Source : New York Times
No comments:
Post a Comment