HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 4 MINUTES AGO.
You are here: Home / Cybercrime / China Alleges Cyberattacks from U.S.
China Alleges Cyberattacks from U.S. on Its Military
China Alleges Cyberattacks from U.S. on Its Military
By Jennifer LeClaire / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
FEBRUARY
28
2013


Apparently weary of being blamed for hacking into U.S. military, media and other business computers, China is now making some pointed accusations of its own. China is reproaching the U.S. for launching hack attacks against its military networks.

Specifically, China said two of its Ministry of Defense Web sites saw more than 10,000 cyberattacks a month in 2012. And, the Communist nation continued, nearly two-thirds of those attacks originated in the U.S.

That said, China is not all about blaming the U.S. government for the alleged cyber trespasses. Still, China wants answers. In a statement on China's Defense Ministry Web site Thursday, spokesman Geng Yansheng pointed to "U.S. media reports," he said revealed the U.S. planned to craft a policy endorsing pre-emptive cyberattacks against China. Geng did not reveal which U.S. media reports indicated an escalation of cyberwarfare.

Espionage Hard to Prove

"According to IP addresses, in 2012 the Defense Ministry and China Military Online Web sites each month face 144,000 foreign attacks, of those, ones coming from the U.S. represented 62.9 percent," Geng said.

"These practices are not conducive to the joint efforts of the international community to enhance Internet security. We hope the United States will explain and clarify."

Is America hacking the Chinese? Is China hacking the U.S.? Is there any truth in this blame game or is it just politicking?

Graham Cluley, a senior security analyst at Sophos, told us most countries are probably engaging in cyber sleuthing.

"I would be surprised if any developed nation wasn't involved in some level of Internet espionage," Cluley told us from the floor of the RSA security conference in San Francisco. "After all, its relatively easy to do and a low risk compared to having spies on the ground. Of course, the problem is always 'proving' a particular attack was state-sponsored rather than being done by lone hackers of their own choosing."

The Mandiant Report

Thursday's statement was the most pointed allegation since the recent Mandiant report that indicted China for cyber espionage. According to Mandiant, the Chinese military appears to be hacking into U.S. interests. The 60-page report alleges members of "Comment Crew" and "Shanghai Group" have been tied to a 12-story building in Shanghai that's connected with the People's Liberation Army Unit 61398.

Mandiant's analysis led the firm to conclude that APT1, a prolific cyber-espionage group that has conducted attacks on a number of victims since at least 2006, is likely sponsored by the Chinese government and is one of the most persistent of China's threat actors.

"APT1 focuses on compromising organizations across a broad range of industries in English-speaking countries," Mandiant said. "APT1 has systematically stolen hundreds of terabytes of data Relevant Products/Services from at least 141 organizations."

According to Mandiant, APT1 maintains an extensive infrastructure of computer systems around the world. In over 97 percent of the 1,905 times Mandiant observed APT1 intruders connecting to their attack infrastructure, APT1 used IP addresses registered in Shanghai and systems set to use the Simplified Chinese language.

The size of APT1's infrastructure implies a large organization with at least dozens, but potentially hundreds of human operators. In an effort to underscore that there are actual individuals behind the keyboard, the Mandiant reveals three personas that are associated with APT1 activity. Mandiant is also releasing more than 3,000 indicators to bolster defenses against APT1 operations.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
High Quality CRM Data: Prevent, detect and fix errors at the point of data entry for Dynamics CRM. Trillium Software helps you achieve an accurate, synchronized, single view of customers. It's time to trust your data. Take a product tour and read CRM Analyst opinions here.
MORE IN CYBERCRIME
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
Here we go again -- or should that be “Regin”? That’s the name security firm Symantec has given to an “advanced piece of malware” used in systematic spying campaigns at least as far back as 2008.

ENTERPRISE HARDWARE SPOTLIGHT
Doctor Who had K-9, the robot dog that accompanied him on adventures through space. Now, Mountain View has K5, a 5-foot-tall, 300-pound robot security guard patrolling in the Bay Area.

MOBILE TECHNOLOGY SPOTLIGHT
The new Android 5.0 Lollipop OS rolled out last month was Google's "biggest update of Android to date." However, early users report that Lollipop's sweet changes also come with less-tasty bugs.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.