Mandiant Internet Security accuses Chinese Army unit of cyber attacks on U.S.

By LUIS MIRANDA | THE REAL AGENDA | FEBRUARY 19, 2013

A secret unit of the People’s Liberation Army (PLA) of China is behind a number of attacks suffered by businesses and organizations in the United States, according to a report released by the U.S. company Mandiant Internet security.

The document says that research conducted by Mandiant in the last three years shows that groups that cyber attacked government agencies, companies and American newspapers “are based mainly in China and that the Chinese government is aware of them.”

The report commissioned by The New York Times and other media, that sought to track down and clean up their computer systems, identifies PLA Unit 61398, based in Shanghai, as one of the entities responsible for the attacks. Digital signatures of the so-called ‘virtual raids’, says Mandiant, were traced to a 12-story building in the financial district of Pudong in Shanghai.

According to Mandiant, this division of the Chinese Army is kept up by thousands of employees, and English proficient programming techniques and network management. The unit has stolen “hundreds of terabytes of data from at least 141 organizations in a wide range of industries since 2006”.

Most victims are located in the United States, according to the report. There is also, though in smaller numbers, victims in Canada and the UK. The stolen information ranges from details of business transactions, such as mergers and acquisitions, to emails from senior managers, according to the study released in the U.S. on Monday.

“The nature of the work carried out by Unit 61398 is considered a state secret in China. However, we believe that is involved in harmful Computer Network Operations “, the report said. “It’s time to admit that the threat originated in China, and we wanted to make our contribution to arm and equip security professionals in order to combat this threat effectively.”

The report focuses in particular on a group, which it calls APT1, or Advanced Persistent Threat, which, has removed vast amounts of information and has targeted critical infrastructure. the report alleges.

“We believe APT1 can continue a campaign of cyber espionage in large part because it receives direct support from the Chinese government,” says Mandiant, identifying APT1 with Unit 61398.

In recent weeks cyber attacks on U.S. newspapers like the New York Times and Wall Street Journal, as well as others made to Twitter, have supposedly been linked to Chinese hackers. The New York Times said that hackers stole passwords and accessed the personal computers of 53 employees, after the newspaper published information on the family fortune amassed by the Chinese premier, Wen Jiabao.

A report by the U.S. Congress last year said that increasingly dexterous entities backed by the Chinese government are trying to enter the U.S. systems, and called China “the most threatening player in cyberspace.”

China has repeatedly rejected the allegations and says that the country is also a victim of hackers. “The hacker attacks are transnational and can be hidden. Determining their origin is difficult. We do not know how they can stand support the evidence on that report,” said Hong Lei, a spokesman for the Foreign Ministry of China.

“Arbitrary criticism, based on rudimentary data is irresponsible, unprofessional and does not help solve the problem … China is strongly opposed to piracy,” Lei said, while emphasizing that China “is a major victim of cyber attacks” and that “of all of the attacks that the country suffers, most come from the United States.”

The questions that remains is, if both governments are so sure that their they are mutually responsible for the cyber attacks, why haven’t they sorted out the problem? Instead, China and the U.S. resort to censorship and internet power grabs in order to combat an invisible enemy, they say, which requires that everyone surrenders their ability to freely navigate the world wide web.

Everyone knows that cyber wars are conducted by the strongest players in world affairs in an attempt to exercise dominance against each other. No bread and butter hacker has the capacity to penetrate the kind of security set at Pentagon or the Chinese government. It is clear that the cyber terrorists are the governments themselves, therefore it is absurd that average internet users are obligated to be spied on because of these governments’ cyber terror activities.

The Real Agenda encourages the sharing of its original content ONLY through the tools provided at the bottom of every article. Please DON’T copy articles from The Real Agenda and redistribute by email or post to the web.