Mandiant, a United States cybersecurity firm, released a report on Tuesday detailing its findings of what it believes to be a series of hacks conducted by the Chinese army. They believe they have detected the hacks of "141 companies spanning 20 major industries."
Here's an except from the executive summary:
The activity we have directly observed likely represents only a small fraction of the cyber espionage that APT1 has conducted. Though our visibility of APT1’s activities is incomplete, we have analyzed the group’s intrusions against nearly 150 victims over seven years. From our unique vantage point responding to victims, we tracked APT1 back to four large networks in Shanghai, two of which are allocated directly to the Pudong New Area. We uncovered a substantial amount of APT1’s attack infrastructure, command and control, and modus operandi (tools, tactics, and procedures). In an effort to underscore there are actual individuals behind the keyboard, Mandiant is revealing three personas we have attributed to APT1. These operators, like soldiers, may merely be following orders given to them by others.
Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China’s cyber threat actors. We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support. In seeking to identify the organization behind this activity, our research found that People’s Liberation Army (PLA’s) Unit 61398 is similar to APT1 in its mission, capabilities, and resources. PLA Unit 61398 is also located in precisely the same area from which APT1 activity appears to originate.Mandiant also released a video demonstrating a method used by APT1 to hack American companies.
A Chinese foreign ministry spokesperson responded, "To make groundless accusations based on some rough material is neither responsible nor professional."
The findings have been widely reported including by the New York Times, Wall Street Journal, and ABC News.
0 comments:
Post a Comment