In a new 60-page report, security vendor Mandiant traces dozens of cyberattacks that stole data from dozens of corporations, most of them based in the U.S., back to the Chinese military. Unsurprisingly, China has denied the claims.
The Washington Post's William Wan and Ellen Nakashima reported, "A U.S. security firm has linked China’s military to cyberattacks on more than 140 U.S. and other foreign corporations and entities, according to a report released Tuesday. The 60-page study by investigators at the Alexandria-based Mandiant security firm presents one of the most comprehensive and detailed analyses to date tracing corporate cyber-espionage to the doorstep of Chinese military facilities. And it calls into question China’s repeated denials that its military is engaged in such activities."
David E. Sanger, David Barboza And Nicole Perlroth with The New York Times added, "An unusually detailed 60-page study, to be released Tuesday by Mandiant, an American computer security firm, tracks for the first time individual members of the most sophisticated of the Chinese hacking groups — known to many of its victims in the United States as 'Comment Crew' or 'Shanghai Group' — to the doorstep of the military unit’s headquarters. The firm was not able to place the hackers inside the 12-story building, but makes a case there is no other plausible explanation for why so many attacks come out of one comparatively small area. 'Either they are coming from inside Unit 61398,' said Kevin Mandia, the founder and chief executive of Mandiant, in an interview last week, 'or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.'"
Ben Blanchard and Joseph Menn with Reuters noted, "China's Defense Ministry issued a flat denial of the accusations and called them 'unprofessional.' It said hacking attacks are a global problem and that China is one of world's biggest victims of cyber assaults. 'The Chinese army has never supported any hacking activity,' the Defense Ministry said in a brief faxed statement to Reuters. 'Statements about the Chinese army engaging in cyber attacks are unprofessional and not in line with facts.'"
The Wall Street Journal commented:
We hope China's behavior proves self-defeating. Economic transactions are about mutual benefit, and nobody should continue doing business with a counterparty who continually rips them off. The signs are that the U.S. government may finally be getting up the nerve to respond with more than quiet, feckless pleading.
Better defenses are imperative. Naming and shaming the Chinese entities responsible, as Mandiant has done, are also important, and targeted sanctions against individuals and institutions will probably be needed. Chinese officials need to understand that if they want their current economic relationship with the U.S. to continue, they must stop their cyberattacks.
Beijing has long wanted to showcase the triumph of 'socialism with Chinese characteristics,' and in a way it has. Its defining characteristic is theft."