Mandiant Located Majority of Cyber Attacks on U.S. Military and Corporations to Shanghai Military Base.

By DrJBHL on February 19, 2013 7:37:38 AM from JoeUser Forums


The Intelligence Center of computer security firm Mandiant has identified the majority of highly sophisticated attacks on the U.S. as having originated from 4 networks in a bland, twelve-story building in Shanghai which (allegedly) houses a super secret cyber warfare unit of China’s Army.

“Highlights of the report include:

  • Evidence linking APT1 to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Cover Designator 61398).
  • A timeline of APT1 economic espionage conducted since 2006 against 141 victims across multiple industries.
  • APT1’s modus operandi (tools, tactics, procedures) including a compilation of videos showing actual APT1 activity.
  • The timeline and details of over 40 APT1 malware families.
  • The timeline and details of APT1’s extensive attack infrastructure.

Mandiant is also releasing a digital appendix with more than 3,000 indicators to bolster defenses against APT1 operations. This appendix includes:

  • Digital delivery of over 3,000 APT1 indicators, such as domain names, IP addresses, and MD5 hashes of malware.
  • Thirteen (13) X.509 encryption certificates used by APT1.
  • A set of APT1 Indicators of Compromise (IOCs) and detailed descriptions of over 40 malware families in APT1’s arsenal of digital weapons.
  • IOCs that can be used in conjunction with Redline™, Mandiant’s free host-based investigative tool, or with Mandiant Intelligent Response® (MIR), Mandiant’s commercial enterprise investigative tool.”

- https://www.mandiant.com/blog/mandiant-exposes-apt1-chinas-cyber-espionage-units-releases-3000-indicators/?utm_source=rss&utm_medium=rss&utm_campaign=mandiant-exposes-apt1-chinas-cyber-espionage-units-releases-3000-indicators

Mandiant went on to say how the decision to publish outweighed and possibly impaired their own discovery methods for the public good.

You can read the report here:  http://intelreport.mandiant.com/

The Foreign Ministry of the PRC has denied the charge:

"To make groundless accusations based on some rough material is neither responsible nor professional," Hong told reporters at a regularly scheduled news conference. In a reiteration of China's standard response to such accusations, Hong said China strictly outlaws hacking and said the country itself was a major victim of such crimes, including attacks originating in the United States. "As of now, the cyberattacks and cybercrimes China has suffered are rising rapidly every year," Hong said.” – http://www.google.com/hostednews/ap/article/ALeqM5gqGzo86yXzI9q8-HN1zYXx7QVgog?docId=03e227bd185041cd95972d4dc26f2e20

Mandiant provided an advance copy of its report to The New York Times, saying it hoped to “bring visibility to the issues addressed in the report.” Times reporters then tested the conclusions with other experts, both inside and outside government, who have examined links between the hacking groups and the army. (Mandiant was hired by The New York Times Company to investigate a sophisticated Chinese-origin attack on its news operations, but concluded it was not the work of Comment Crew, but another Chinese group. The firm is not currently working for the Times Company but it is in discussions about a business relationship.) - http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html?smid=tw-nytimestech&seid=auto&_r=1&

President Obama signed an Executive Order last week which is essentially the most disputed part of CISPA, enabling companies to share threat-related security information with the government.

“Under a directive signed by President Obama last week, the government plans to share with American Internet providers information it has gathered about the unique digital signatures of the largest of the groups, including Comment Crew and others emanating from near where Unit 61398 is based … There are huge diplomatic sensitivities here,” said one intelligence official, with frustration in his voice.

But Obama administration officials say they are planning to tell China’s new leaders in coming weeks that the volume and sophistication of the attacks have become so intense that they threaten the fundamental relationship between Washington and Beijing.” – ibid

To me this all means, “China holds too much American paper, the trade balance, the manufacturing capability, and basically has pwned us.”

In my opinion, this needs to stop. It needs to stop NOW. It’s time to protect our I.P., and our companies. Either grow a pair, or just give up and let China roll over us. Make it clear. Draw the line.

Sources:

http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html?pagewanted=2&_r=1&seid=auto&smid=tw-nytimestech

http://intelreport.mandiant.com/

https://www.mandiant.com/blog/mandiant-exposes-apt1-chinas-cyber-espionage-units-releases-3000-indicators/?utm_source=rss&utm_medium=rss&utm_campaign=mandiant-exposes-apt1-chinas-cyber-espionage-units-releases-3000-indicators

http://www.theverge.com/2013/2/18/4003732/chinese-cyber-attacks-on-us-corporations-tied-to-army-base

21 Replies
February 19, 2013 8:33:11 AM from Sins of a Solar Empire Forums

 

As Steve Jobs once said: "Thermal Nuclear War" against the copyright infringement and cyber crime trying to steal their secrets.

February 19, 2013 8:52:38 AM from WinCustomize Forums

Yep, China.... seems like everything is made there, including a lot of criminals that should be drawn and quartered in a public square. I'd even watch and applaud!

February 19, 2013 8:55:19 AM from WinCustomize Forums

Here's a video of one of the thieves in action:

February 19, 2013 9:27:16 AM from Elemental Forums

To me this all means, “China holds too much American paper, the trade balance, the manufacturing capability, and basically has pwned us.”

This threat is always way overestimated. If China attempted to sell their American reserves it would have to be to someone and the market for US debt is such that it is highly unlikely to raise the interest rate on American bonds. In fact China is already attempting to sell American Bonds because they hate the fact that they are considered so safe they pay next to nothing. As a result China is investing a lot in some rather dubious places, but that's another story.

China can't even use money from selling those bonds at home. If they attempted to sell those American dollars to buy yuan it would cause their currency to rise because they keep it artificially low. This in turn would hurt their exporters in a time where domestic inflation and rising wages is already driving out a lot of manufacturing companies.

The real reason for the reluctance of the US in dealing with China has to do with fears of starting a trade war, which could lead to political tension, which could lead to a cold or even hot war. Since the US imports so much from China a trade war would cause significant inflation. Also all those American companies in China would get kicked out or get tariff-ed and lose a ton of money. A world where China goes rogue would be a much scarier place than the world we live in today. They have a lot of nukes. Don't forget China is ruled by a very secretive bureaucracy, and the recent Japanese situation has shown that they are willing to use nationalism in order to distract their citizens from domestic problems.

The recent fascination with China as a rising power is pretty funny. For every problem the US has China has 10. China has massive poverty, environmental damage, social unrest, massive corruption, a huge underground banking system, and border disputes with all its neighbors including Russia, and India. The US is well on its way to energy independence and will be able to largely withdraw from the Middle East. China on the other hand has a desperate need for more and more oil and produces next to nothing domestically. The US just likes building up bogeymen. They did it with the Soviets and the Japanese and now it's China's turn. The same people who think China is going to soon surpass the US economically and militarily are the same people who didn't see their rise a decade ago. You can't just look at current growth rates and say they will last forever and not change.

February 19, 2013 11:24:52 AM from Sins of a Solar Empire Forums

Meh, our own country will be our demise, not China...

February 19, 2013 12:32:07 PM from Elemental Forums

nationalism is such a misused cliche. take your average person in hong kong. born and bred under british rule for all those decades, so you can't say they were brain washed by the commies. yet the sentiments over those islands or japan's past are basically the same, if not more vocal and visible. (note... as in they can march and protest and what fairly much at will, rather than having someone turning on the tap) difference is that they are not a bunch of morons going around bashing up their own shops and restaurants.

unfortunately other people just latch onto the nationalism aspect and conveniently put any and everything down to that instead.

the us currencies they hold are not much more than a load of scrap paper. they buy, they sell. holdings is almost always on the increase. nukes are all fairly immaterial. by nature they are defensive weapons, those who use it 1st are dead meat. matter of fact, the only country that would get away from using it has already done so. yes, you could get a nutter who wants to blow the whole world up, but hey.. they can be anywhere.

every country (with a few bucks and people) deals in cyber espionage. the question is not who's doing it but who gets caught doing it and who goes around telling people they got done. no different from your average espionage. you know, like bugging practically the whole of the un building?

February 19, 2013 12:59:13 PM from WinCustomize Forums

Quoting DsRaider,
This threat is always way overestimated.

Possibly. I've done some research and found that 3% of our debt is in China's hands. That's fine. What isn't overestimated is China's trade power now and going into the future.

America and the west need really good cyber security. I doubt CISPA will do that. I think individual freedoms will be sacrificed in that exercise. People and companies have to start listening to responsible IT people and acting accordingly.

Quoting alaknebs,
nukes are all fairly immaterial. by nature they are defensive weapons, those who use it 1st are dead meat.

You're assuming rationality and logic/common sense. You fail to comprehend the nature of hatred.

There is a place for logical thinking: Preventing countries/governments like Iran from obtaining nuclear weapons is extremely logical. It is also essential.

That again is not the subject of the OP.

February 19, 2013 2:53:49 PM from Sins of a Solar Empire Forums

That video is kinda strange. Did they crack and hack a Chinese computer? Is that not like a cop using b&e tools, going into your house to look for b&e tools and show you on video how bad the guy is that the cop broke into?

I have to agree that they all do it, just more BS to take away more freedoms.

February 19, 2013 3:00:30 PM from Sins of a Solar Empire Forums

Quoting DrJBHL,
There is a place for logical thinking: Preventing countries/governments like Iran from obtaining nuclear weapons is extremely logical. It is also essential.

Please leave your politics out of your computing threads, you can't just harp that stuff and expect not to be harped back at.

February 21, 2013 9:56:59 AM from WinCustomize Forums

Odd you don't mention it was a response to another reply, also has nothing to do with politics per se: It has to do with cyber attacks.

I'm not clear about the "harping" reference.

 

February 23, 2013 12:13:17 PM from Elemental Forums

http://nation.time.com/2013/02/22/putting-chinas-hacking-army-into-perspective/

A good article that basically states a lot of the same points as I did but more professionally.

April 26, 2013 2:53:48 AM from WinCustomize Forums

Meh ... all countries collect data through illegal means. China gets more press because the US are getting their butt hurt. The US has been doing it for a long time, they are not about to complain about themselves.

May 6, 2013 12:05:22 PM from Elemental Forums

Perhaps it's time for many of these 'sensitive' IT networks to be placed in a separate 'internet' with dedicated gateways that are not always 'on/open.' Many of these military / sci / research entities could be kept separate from the world wide web. Is constant access really needed?

May 6, 2013 1:21:18 PM from WinCustomize Forums

Quoting ElanaAhova,

Perhaps it's time for many of these 'sensitive' IT networks to be placed in a separate 'internet' with dedicated gateways that are not always 'on/open.' Many of these military / sci / research entities could be kept separate from the world wide web. Is constant access really needed?

What I've been saying for years. If it's separate from the www, the machines to access it must be dedicated as well. What a boondoggle. One web must be totally isolated from the other, and no information shared between the two. Where's the infrastructure for that?

May 7, 2013 10:07:33 PM from Elemental Forums

Agree with you Doc.  Our proposal is 'too simple' a solution, Doc.  And simple doesn't seem, well, modern... 

May 8, 2013 9:46:36 AM from WinCustomize Forums

Quoting alaknebs,
nukes are all fairly immaterial. by nature they are defensive weapons, those who use it 1st are dead meat.

That's rubbish.  They have been 'used' twice...both times as offensive weapons [defensive weapons is largely an oxymoron, anyway]...and the 1st to use them are alive and well....just killing each other one bullet at a time....

....oh, yes....with their defensive weapons....

May 8, 2013 10:02:39 AM from Elemental Forums

So we can go to war to "protect our interests" against third world countries, let's go and "protect our interests".

 

'Murica.

 

May 8, 2013 5:51:23 PM from Elemental Forums

Quoting Jafo,


Quoting alaknebs, reply 6
nukes are all fairly immaterial. by nature they are defensive weapons, those who use it 1st are dead meat.

That's rubbish.  They have been 'used' twice...both times as offensive weapons [defensive weapons is largely an oxymoron, anyway]...and the 1st to use them are alive and well....just killing each other one bullet at a time....

....oh, yes....with their defensive weapons....

well doh. if the japs had nukes that they can use to hit back, you think they would have been nuked?

if anyone is going to be nuked by nk it'll be china. nk is a tail that has been wagging the dog since its inception.

May 8, 2013 6:43:24 PM from WinCustomize Forums

Suffice it to say that it is completely beyond me how a thread about cyber espionage (military and economic) has been turned into nuclear exchange craziness.

 

May 9, 2013 3:56:21 AM from WinCustomize Forums

Quoting DsRaider,


To me this all means, “China holds too much American paper, the trade balance, the manufacturing capability, and basically has pwned us.”

This threat is always way overestimated. If China attempted to sell their American reserves it would have to be to someone and the market for US debt is such that it is highly unlikely to raise the interest rate on American bonds. In fact China is already attempting to sell American Bonds because they hate the fact that they are considered so safe they pay next to nothing. As a result China is investing a lot in some rather dubious places, but that's another story.

China can't even use money from selling those bonds at home. If they attempted to sell those American dollars to buy yuan it would cause their currency to rise because they keep it artificially low. This in turn would hurt their exporters in a time where domestic inflation and rising wages is already driving out a lot of manufacturing companies.

The real reason for the reluctance of the US in dealing with China has to do with fears of starting a trade war, which could lead to political tension, which could lead to a cold or even hot war. Since the US imports so much from China a trade war would cause significant inflation. Also all those American companies in China would get kicked out or get tariff-ed and lose a ton of money. A world where China goes rogue would be a much scarier place than the world we live in today. They have a lot of nukes. Don't forget China is ruled by a very secretive bureaucracy, and the recent Japanese situation has shown that they are willing to use nationalism in order to distract their citizens from domestic problems.

The recent fascination with China as a rising power is pretty funny. For every problem the US has China has 10. China has massive poverty, environmental damage, social unrest, massive corruption, a huge underground banking system, and border disputes with all its neighbors including Russia, and India. The US is well on its way to energy independence and will be able to largely withdraw from the Middle East. China on the other hand has a desperate need for more and more oil and produces next to nothing domestically. The US just likes building up bogeymen. They did it with the Soviets and the Japanese and now it's China's turn. The same people who think China is going to soon surpass the US economically and militarily are the same people who didn't see their rise a decade ago. You can't just look at current growth rates and say they will last forever and not change.

 

This is good analysis.

 

China's problems are almost entirely internal and growing fast. I am not expecting China to become a world leader in my lifetime and it has to be remembered that most of the data that indicates that this is so has been modified to appease the leadership before release.

 

Their main worry at the moment is unemployment and unrest. That's why with internal R & D almost flat-lined they need to steal new product information from The West. I wouldn't like to be living on their borders when things begin to unravel though.

 

I would recommend that Western Manufacturers get out before the inflection point but greed is a hefty mote in the eye.
