Sometimes the truth is scarier than fiction, like in the case of China's cyber attacks on the United States.
In what reads more like a crime novel than a true story, a report released today (Tuesday) from Virginia-based cybersecurity firm Mandiant, a specific Chinese military unit is likely behind one of the largest cyber attacks aimed at American corporations and infrastructure.
China's Unit 61398, housed in a 12-story building in Shanghai with a headcount in the hundreds, is being accused of stealing "hundreds of terabytes of data from at least 141 organizations" since 2006. Some 115 targets in 20 different industrial sectors from energy and aerospace to transportation to financial institutions are said to have been violated.
The investigation tracked, for the first time, individual members of the savviest Chinese hacking group, dubbed "Comment Crew" and "Shanghai Group," directly to the military unit's headquarters. While Mandiant couldn't pinpoint the hackers' exact whereabouts inside the high-rise, the firm very convincingly makes the case that the building is where the attacks originated.
"Once [Unit 61398] has established access [to a target network], they periodically revisit the victim's network over several months or years and steal broad categories of intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and emails and contacts lists from victim organizations' leadership," the detailed 74-page report reads.
American officials also confirmed that digital forensic evidence presented by Mandiant leads to the Shanghai building as the prime source of the attacks, according to The New York Times, which first reported on Mandiant's findings Monday. Mandiant is the same firm The Times secured to investigate the cyber attacks that infiltrated their own systems in China last month.
The Chinese government adamantly denies the allegations. Chinese Foreign Ministry spokesperson Hong Lei said at a press conference the claims in the Mandiant report were unsupported.
"To make groundless accusations based on some rough material is neither responsible nor professional. Cyberattacks are anonymous and transnational, and it is hard to trace the origin of attacks, so I don't know how the findings of the report are credible," The Wall Street Journal reported.
The Cybersecurity Threats Keep Growing
The Mandiant report comes just a week after U.S. President Barack Obama stressed in his State of the Union address that America must "face the rapidly growing threat from cyber attack."
While the president didn't name China as a culprit, U.S. officials have long regarded China as a chief offender.
Mandiant's managing director of threat intelligence Dan McWhorter explained the firm's decision to release the information in a statement, "It is time to acknowledge the threat is originating from China, and we wanted to do our part to arm and prepare security professionals to combat the threat effectively."
The threats are all too real and far reaching.
As Money Morning's Executive Editor William Patalon III wrote in this month's Private Briefing column "The Cyber-Hacking of America Is Going to Cost Us Big Time," "The worry is that one of these groups could pull the plug on the U.S. power grid, stall our transportation system, overtax our financial system, or infiltrate a government agency. Any one of those could have catastrophic implications for the country and its economy."
Attacks on air traffic control or a major U.S. bank would cripple the country.
White House spokeswoman Caitlin Hayden commented Tuesday, "The United States has sustainable and growing concerns about the threats to U.S. economic and national security posed by cyber intrusions, including the theft of commercial information."
And there's no end in sight.
"Right now there is no incentive for the Chinese to stop doing this," said Rep. Mike Rogers, R-MI, the House intelligence chairman. "If we don't create a high price, it's only going to keep accelerating."
That's why the increasingly bold attacks on America's cyber turf are a direct call for immediate and severe action.
As sequestration talks loom, the Mandiant report underscores what Patalon stressed: "This is no time to cut defense related spending that will promote cybersecurity and combat cyber-terrorism."
Editor's Note: If you would like to join the thousands of investors Private Briefing has already helped to make big money in the markets – and get analysis of just-released financial news like China's cyber attacks on America – you can do so for just 26 cents a day.
We're proud to say that in a little over a year, Bill Patalon's Private Briefing has had more than four dozen winners, including four that have doubled and two that ended up as takeover targets.
Related Articles and News:
- Money Morning:
How the Pentagon Aims to Stop China's Cyber-Hacking of America - Money Morning:
Fed Hack Attack Highlights Growing Need for Cybersecurity - The New York Times:
China's Army Unit Is Seen as Tied to Hacking Against U.S. - The Hill:
Elite Chinese unit accused of waging cyberwar against US - The Mandiant Report:
Exposing One of China's Cyber Espionage Unites
It is about time that the various military complexes – not only in the US – but in many other countries start to realise that it is almost useless to continue throwing billions at conventional defense and concentrate the spending on new types of warfare.
That also implies that there must be a complete separation of sensitive operations from the net. It is beyond my knowledge of how to achieve it, I only think that it will cost huge amounts of time and money to be put it place.