In February, Mandiant released a 60-page study tracking the individual members of the most sophisticated of the Chinese hacking groups. The study identified a secretive Chinese military unit as the likely source of hacking attacks on hundreds of companies around the world.
“Our research found that People’s Liberation Army (PLA’s) Unit 61398 is similar to APT1 in its mission, capabilities, and resources. PLA Unit 61398 is also located in precisely the same area from which APT1 activity appears to originate,” Mandiant stated in its report.
The People’s Liberation Army General Staff Department’s Third Department – commonly known as Unit 61398 – is staffed by people specially trained in network security, covert communications, and English linguistics. The unit, located in a suburb of Shanghai, has a well-defined attack methodology. Once the unit has established access to a company’s network, it may steal intellectual property, business plans, partnership agreements, and other important confidential information from the organization over a period that could last for months or years.
Rohrabacher mentioned that the “commercial warfare” being conducted against the U.S. far exceeds traditional espionage, which, he said, the chief of the U.S. Cyber Command estimated to cost the U.S. economy $250 billion a year.
“The transfer of wealth by the theft of technology and other information vital to the development of industry is then used to gain a competitive advantage in world trade which brings even more wealth to China,” said Rohrabacher.
Greg Autry, a senior economist at the Coalition for a Prosperous America, said evidence suggests that a full accounting of the costs of Chinese cyber warfare is hard to compile because many of these crimes go either unnoticed or unreported.
Nevertheless, he said, a modest estimate of the costs would be in the hundreds of millions.
Last month, Obama signed an executive order establishing a security framework for critical infrastructure owned by the private sector. The order would make the National Institute of Standards and Technology work with companies to develop a framework of “cybersecurity best practices.”
At a Senate hearing earlier this month, Homeland Security Secretary Janet Napolitano urged Congress to enact legislation that would help agencies establish a public-private partnership and grant the regulatory authority to protect critical infrastructure.
At the House hearing on Thursday, Painter also said that though the executive order is very important, the country still needs legislation that will encourage voluntary cooperation between the public and private sectors on this issue.
The hearing comes in the wake of cyberattacks on Wednesday that damaged over 30,000 computers and servers at six South Korean banks and media companies. Investigators said on Friday that they had determined that the IP address, initially thought to be from China, had originated from an internal IP address at one of the banks affected by the malicious code.
Hackers can easily manipulate IP addresses anywhere in the world, so the investigation’s findings about the origin of the attack are not conclusive. Officials said the investigation into the sources of the attacks could take weeks, as reported by the BBC.