Does the US Suffer From a Hacker Gap Against China?
News broke today that China's People's Liberation Army is behind a massive, worldwide hacker effort. The hacker army, which is reportedly run by "Unit 61938" of the PLA based in a Shanghai suburb, has targeted the US and other countries, hitting around 150 victims over the past seven years.
The report, released Tuesday, states that out of the 141 hacking targets, 87 per cent have headquarters in English-speaking countries.
“It’s time to acknowledge the threat is originating in China,” reads the report. “Without establishing a solid connection to China, there will always be room for observers to dismiss (the threat) as uncoordinated, solely criminal in nature, or peripheral to larger national security and global economic concerns.”
Mandiant's report details years of Chinese economic cyber espionage, all originating from that PLA unit outside Shanghai.
- Evidence linking APT1 to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Cover Designator 61398).
- A timeline of APT1 economic espionage conducted since 2006 against 141 victims across multiple industries.
- APT1′s modus operandi (tools, tactics, procedures) including a compilation of videos showing actual APT1 activity.
- The timeline and details of over 40 APT1 malware families.
- The timeline and details of APT1′s extensive attack infrastructure.
China's communist government denies the allegations, calling the report "groundless criticism" and "unprofessional." But according to Mandiant, the scale of the attacks and the size of the information thefts -- hundreds of terrabytes of data -- indicate the backing of a large organization and dozens, maybe hundreds, of hackers launching the coordinated, systematic attacks.
Cyberspace represents not just information and commerce, but also a new battlespace. Maybe the most alarming aspect of the report, though, is how little effect it will probably have in Washington. A few pundits and elected officials will sound the alarm, but most of Washington will ignore it to focus on sequestration or the "war on whatever" that the Obama administration is using to create today's wedge issue.
Our military and corporations are increasingly dependent on networks and information tech. Our elections are increasingly electronic, our finances, everything. It's a safe bet that Unit 61938 has not been hacking so that it could pirate movies and software or jailbreak PS3s. They're looking for holes and building weapons to wield against us and our allies.