[ISN] Chinese Army Unit Is Seen as Tied to Hacking Against U.S.

From: InfoSec News <alerts_at_private>
Date: Tue, 19 Feb 2013 02:09:45 -0600 (CST)
http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html

By DAVID E. SANGER, DAVID BARBOZA and NICOLE PERLROTH
The New York Times
February 18, 2013

On the outskirts of Shanghai, in a run-down neighborhood dominated by a 
12-story white office tower, sits a People’s Liberation Army base for 
China’s growing corps of cyberwarriors.

The building off Datong Road, surrounded by restaurants, massage parlors 
and a wine importer, is the headquarters of P.L.A. Unit 61398. A growing 
body of digital forensic evidence -- confirmed by American intelligence 
officials who say they have tapped into the activity of the army unit 
for years — leaves little doubt that an overwhelming percentage of the 
attacks on American corporations, organizations and government agencies 
originate in and around the white tower.

An unusually detailed 60-page study [1], to be released Tuesday by 
Mandiant, an American computer security firm, tracks for the first time 
individual members of the most sophisticated of the Chinese hacking 
groups — known to many of its victims in the United States as "Comment 
Crew" or "Shanghai Group" - to the doorstep of the military unit’s 
headquarters. The firm was not able to place the hackers inside the 
12-story building, but makes a case there is no other plausible 
explanation for why so many attacks come out of one comparatively small 
area.

"Either they are coming from inside Unit 61398," said Kevin Mandia, the 
founder and chief executive of Mandiant, in an interview last week, “or 
the people who run the most-controlled, most-monitored Internet networks 
in the world are clueless about thousands of people generating attacks 
from this one neighborhood.”

Other security firms that have tracked "Comment Crew" say they also 
believe the group is state-sponsored, and a recent classified National 
Intelligence Estimate, issued as a consensus document for all 16 of the 
United States intelligence agencies, makes a strong case that many of 
these hacking groups are either run by army officers or are contractors 
working for commands like Unit 61398, according to officials with 
knowledge of its classified content.

[1] http://www.mandiant.com/apt1

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org 
Received on Tue Feb 19 2013 - 00:09:45 PST

This archive was generated by hypermail 2.2.0 : Mon Feb 18 2013 - 23:59:04 PST