S*****s
发帖数: 7520 | 1 A secretive branch of China's military is probably one of the world's "most
prolific cyber espionage groups", a US cyber security firm has said.
Mandiant said Unit 61398 was believed to have "systematically stolen hundred
s of terabytes of data" from at least 141 organisations around the world.
It traced the attacks to the doorstep of a non-descript building in Shanghai
used by the unit.
China denied hacking and questioned the validity of Mandiant's report.
'Extensive cyber espionage'
"Hacking attacks are transnational and anonymous," said foreign ministry spo
kesman Hong Lei.
"Determining their origins are extremely difficult. We don't know how the ev
idence in this so-called report can be tenable.
Mr Hong added that Beijing "firmly opposes hacking", has taken steps to prev
ent it and is also a victim of cyber attacks.
In an indication of the military sensitivity around the Shanghai site, the B
BC's John Sudworth and his camera crew were briefly detained by soldiers whe
n they went to film the facility. They were only released once they had hand
ed over their footage.In its unusually detailed report, US-based computer se
curity company Mandiant said it had investigated hundreds of data breaches s
ince 2004, most of which it attributed to what it termed "Advanced Persisten
t Threat" actors.
Continue reading the main story
Analysis
Jonathan Marcus
BBC Diplomatic Correspondent
The scale of the Chinese hacking alleged by the computer security firm Mandi
ant is striking. Until now the bulk of this hacking has been a digital versi
on of old-fashioned industrial espionage - stealing designs and company secr
ets.
But there is a more sinister side to this activity as well. Chinese hackers
are alleged to have a growing interest in gaining access to key parts of the
US infrastructure - gas lines, power grids and waterworks. President Barack
Obama himself warned during his recent State of the Union address that the
nature of the cyber threat was changing.
Gaining access to critical systems is the key. Once inside the digital perim
eter - especially if the intrusion is not identified, there is the possibili
ty of causing real physical damage to the infrastructure that the computers
control.
The details it had uncovered, it said, "convince us that the groups conducti
ng these activities are based primarily in China and that the Chinese govern
ment is aware of them".
The most prolific of these actors is APT1, which Mandiant says is "a single
organisation of operators that has conducted a cyber espionage campaign agai
nst a broad range of victims since at least 2006".
"From our observations, it is one of the most prolific cyber espionage group
s in terms of the sheer quantity of information stolen," it said, adding tha
t it was "likely government-sponsored and one of the most persistent of Chin
a's cyber threat actors".
"We believe that APT1 is able to wage such a long-running and extensive cybe
r espionage campaign in large part because it receives direct government sup
port," said Mandiant.
The firm said it had traced the hacking activities of APT1 to the site of 12
-storey building in the Pudong area of Shanghai. It said that Unit 61398 of
the People's Liberation Army "is also located in precisely the same area" an
d that the actors had similar "missions, capabilities and resources".
Among the findings about APT1 in the report were that it:
is staffed by hundreds, possibly thousands, of proficient English speakers w
ith advanced computer security and networking skills
has hacked into 141 companies across 20 industries, 87% based in English-spe
aking countries, and is able to steal from dozens of networks simultaneously
has stolen hundreds of terabytes of information including blueprints, busine
ss plans, pricing documents, user credentials, emails and contact lists
stayed inside hacked networks for an average of 356 days, with the longest l
asting 1,764 days
targeted industries identified by China as strategically important under its
Five Year Plan for economic growth
'Groundless'
Unit 61398 has for some time been suspected by the US of being central to Ch
ina's cyber espionage programme, the New York Times reports.
Mandiant admitted there could be one alternative explanation for its finding
s: that "a secret, resourced organisation full of mainland Chinese speakers
with direct access to Shanghai-based telecommunications infrastructure is en
gaged in a multi-year, enterprise scale computer espionage campaign right ou
tside of Unit 61398's gates, performing tasks similar to Unit 61398's known
mission".
Several governments, foreign companies and organisations have said in the pa
st they suspect China of carrying out extensive cyber espionage over periods
of several years.
Last month, the New York Times said its systems had been infiltrated over a
period of four months, after it wrote a report on the alleged wealth of Chin
a's outgoing Premier Wen Jiabao.
Mandiant, which the paper hired to investigate, traced the hack to China. Ho
wever, the paper said its breach had been attributed to a different group. T
he Wall Street Journal also reported a China-based hack.
At the time, China's foreign ministry dismissed the New York Times accusatio
ns as "groundless", saying that to "conclude without hard evidence that Chin
a participated in such hacking attacks is totally irresponsible". | y*h
发帖数: 25423 | | P****i
发帖数: 12972 | 3 第一名校,不是吹的
【在 y*h 的大作中提到】
: 尼玛蓝翔也到上海买写字楼了
| y****z
发帖数: 502 | | h*****9
发帖数: 968 | |
|
