After a three-month lull, a Chinese military unit has resumed cyber-attacks on American companies, according to online security firm Mandiant Corp.

Mandiant told The New York Times a unit of the Chinese People’s Liberation Army, sponsored by the government, is up to its old tricks targeting many of the same companies as it did previously.

The company said the attacks started again last month, just days after Chinese officials told Secretary of State John Kerry they were open to holding cyber-security talks with the United States.

Although Mandiant declined to name the victims, citing client confidentiality, in a 74-page report released in February, the security firm indicated defense contractors were among those targeted.

Once the hackers have “established access, they periodically revisit the victim’s network over several months or years and steal broad categories of intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and e-mails and contact lists from victim organizations’ leadership,” the report said.

Mandiant chief security officer Richard Bejtlich said the Chinese hackers are using the same equipment as in previous attacks because many American companies have no defense against it, the VOA News reported.

The three-month hiatus taken by the hackers, known as Unit 61398, is thought to be due to the intense scrutiny from the U.S. government and security firms alike since the cyber-attacks came to light early this year.

According to The Times, the Obama administration had hoped that going public with its accusations would shame the Chinese government into calling a halt to the military’s activities — or at least a scale back of them.

It seems the U.S.’s hopes are dashed, however, with activity resuming from four large networks in Shanghai, two of which serve the Pudong New Area where a 12-storey building run by Unit 61398 of the People’s Liberation Army is located.

Mandiant’s February report called Unit 61398 the most persistent of China’s cyber-threat actors, one that is “able to wage such a long-running and extensive cyber-espionage campaign in large part because it receives direct government support.”

Mandiant has linked the military unit to the hacking of 141 companies worldwide since 2006, but the security firm said that likely represents only a fraction of the cyber-espionage that Unit 61398 has conducted.

Chinese hacking attacks are likely to be addressed at an upcoming visit to China by President Obama’s national security adviser, Thomas Donilon, The Times said.

Donilon, during a speech in March, said more and more U.S. businesses are voicing concerns about “sophisticated, targeted theft of confidential business information and proprietary technologies” through cyber-attacks stemming from China at an unparalleled rate.

“The international community cannot afford to tolerate such activity from any country,” Donilon said during a March speech. “As the president said in the State of the Union, we will take action to protect our economy against cyber-threats.

“From the president on down, this has become a key point of concern and discussion with China at all levels of our governments. And it will continue to be. The United States will do all it must to protect our national networks, critical infrastructure, and our valuable public and private sector property.”

His remarks were backed up by the 83-page report from the office of the Secretary of Defense presented to Congress at the beginning of the month.

The report, ‘Military and Security Developments Involving the People’s Republic of China,’ also indicated that Chinese hackers have targeted the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs.

“In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military,” the report said.

China has staunchly denied all accusations of cyber-espionage and has insisted it is the victim of American hackers.



Post from: SiteProNews: Webmaster News & Resources

Chinese Military Hackers Back in Business After Three-Month Interval

View original post here:
Chinese Military Hackers Back in Business After Three-Month Interval


Tags: , , , , , , , , , , , , , , , , , , ,