Hacking trail leads to Chinese military

2013-02-19 21:51
(Picture: News24)

(Picture: News24)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Beijing – Cyber-attacks that stole massive amounts of information from military contractors, energy companies and other key industries in the US and elsewhere have been traced to the doorstep of a Chinese military unit, a US security firm alleged on Tuesday.

China's foreign ministry dismissed the report as "groundless," and the defence ministry denied any involvement in hacking attacks.

China has frequently been accused of hacking, but the report by Virginia-based Mandiant Corp contains some of the most extensive and detailed accusations to date linking its military to a wave of cyber-spying against US and other foreign companies and government agencies.

Mandiant said it traced the hacking back to a neighbourhood in the outskirts of Shanghai that includes a drab, white 12-storey office building run by "Unit 61398" of the People's Liberation Army.

The unit "has systematically stolen hundreds of terabytes of data from at least 141 organisations," Mandiant wrote. By comparison, the US Library of Congress 2006-2010 Twitter archive of about 170 billion tweets totals 133.2 terabytes.

"From our observations, it is one of the most prolific cyber-espionage groups in terms of the sheer quantity of information stolen," the company said. It added that the unit has been in operation since at least 2006.

Mandiant said it decided that revealing the results of its investigation was worth the risk of the hackers changing their tactics and becoming even more difficult to trace.

"It is time to acknowledge the threat is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively," it said.

In a statement faxed to AP, the defence ministry firmly rejected any involvement in hacking, saying Chinese law forbids all activities harming internet security.

"The Chinese government has always firmly combated such activities and the Chinese military has never supported any form of hacking activity," the ministry said. "Statements to the effect that the Chinese military takes part in internet attacks are unprofessional and are not in accordance with the facts."

Groundless accusations

Chinese foreign ministry spokesperson Hong Lei did not directly address the claims, but when questioned on the report on Tuesday, he said he doubted the evidence would withstand scrutiny.

"To make groundless accusations based on some rough material is neither responsible nor professional," Hong told reporters at a regularly scheduled news conference.

Reiterating a standard China government response on hacking claims, Hong said China itself is a major victim of such crimes, including attacks originating in the US.

"As of now, the cyber-attacks and cybercrimes China has suffered are rising rapidly every year," Hong said.

Mandiant's methodology used in the investigation was sound, said Massimo Cotrozzi, managing director of KCS Group, a London-based international cyber investigation consulting firm that was not involved in Mandiant's research.

"No one as yet has provided the world conclusive evidence of a link between the Chinese military and the attacks. This report is the nearest thing to conclusive evidence that I have seen," Cotrozzi said.

Mandiant said its findings led it to alter the conclusion of a 2010 report it wrote on Chinese hacking, in which it said it was not possible to determine the extent of government knowledge of such activities.

"The details we have analysed during hundreds of investigations convince us that the groups conducting these activities are based primarily in China and that the Chinese government is aware of them," the company said in a summary of its latest report.

It said the hacking was traced to the 2nd Bureau of the People's Liberation Army General Staff's 3rd Department, most commonly known as unit 61 398, in the Shanghai suburbs.

Imposing restrictions

News of the report spread on Tuesday on the Chinese internet, with many commentators calling it an excuse for the US to impose greater restrictions to contain China's growing technological prowess.

Graham Cluley, a British cyber-security expert who was not involved in Mandiant's research, said people in the computer industry believe China's government is behind such attacks but have been unable to confirm the source.

"None of us would be very surprised or be uncomfortable saying we strongly suspect the Chinese authorities are involved in spying this way," said Cluley, a senior technology consultant for security firm Sophos in Britain.

"I think we are seeing a steady escalation" of sophistication in hacking, Cluley said. "This is really the new era of cybercrime. We've moved from kids in their bedroom and financially motivated crime to state-sponsored cybercrime, which is interested in stealing secrets and getting military or commercial advantage."

- AP

Read more on:    us  |  china  |  internet  |  espionage
NEXT ON NEWS24X

Read News24’s Comments Policy

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
6 comments
Add your comment
Comment 0 characters remaining
 

Inside News24

 
 

Land reform process lawful - Zuma

The land reform process is being done according to the law and the Constitution, says President Jacob Zuma.

 
 

Latest elections multimedia

11 Julius Malema quotes you'll never forget
DA won't get 30% - Zille
The EFF's ad was banned, see why
Why Jack Parow wants you to vote on 7 May
 
Traffic
Lottery
 
  • Tuesday Century City - 05:58 AM
    Road name: Ratanga Road Southbound
    ROADWORKS - lane closure between Ocean Spirit Avenue and Century Boulevard (until mid April)
  • Tuesday Mitchells Plain - 05:58 AM
    Road name: Spine Road
    ROAD CLOSED between Weltevreden Drive and Seafarer Drive due to roadworks (until mid April)
 
More traffic reports...
 

Jobs in Cape Town [change area]

Property [change area]

Travel - Look, Book, Go!

Escape winter, head to Mauritius

Escape winter by spending 7 nights in Mauritius' tropical bliss from R13 215 per person sharing. Includes return flights, airport transfers and accommodation. Book now!

Kalahari.com - shop online today

Get 50% off selected books!

Buy 2 books and get 50% off the second book. Offer valid while stocks last. Shop now!

Mother’s Day special offers!

Spoil mom with these awesome specials that will warm her heart. Shop now!

Twisp – the smoking alternative

Buy any 2 refills for R250 and save R149. Offer valid while stocks last. Shop now!

25% off bestselling books!

The Real Meal Revolution by Tim Noakes, Jeffrey Archer’s Be Careful What You Wish for, Man’s Search for Meaning by Victor E. Frank and many more titles. Shop now!

Mother’s Day specials on appliances

Browse our range of Mother’s Day appliances to spoil and pamper mom. Offer valid while stocks last. Shop now!

OLX Free Classifieds [change area]

Samsung Galaxy s4

Mobile, Cell Phones in South Africa, Western Cape, Cape Town. Date October 24

Best bargain in big bay

Real Estate, Houses - Apartments for Sale in South Africa, Western Cape, Cape Town. Date October 25

VW Golf 6, 1.6 Trendline (Excellent condition)

Vehicles, Cars in South Africa, Western Cape, Cape Town. Date October 25

BlackBerry Torch 9810

The BlackBerry Torch 9810 gives you the powerful combination of...

From R2815.00

I'm shopping for:

Horoscopes
Aquarius
Aquarius

You may be more sensitive today and can be influenced easily by the energies around you. Try not to be swayed too much by the...read more

There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.








Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.