Smoking gun

Evidence is mounting that China’s government is sponsoring the cybertheft of Western corporate secrets. What should America do to stop it?

FOR years, intelligence agencies and private security experts have warned that Chinese hackers are trying to steal Western corporate secrets. The cries have grown ever louder as the attacks have become bolder and signs of government involvement have surfaced. In a forthcoming book, Eric Schmidt, the executive chairman of Google, reportedly brands China “the most sophisticated and prolific” hacker of foreign companies.
Chinese hacking has outraged many American politicians, leading to noisy hearings in Congress and a backlash against Chinese firms. Earlier this month the Obama administration declared its intention to go on the cyber-security offensive. Europe, China’s biggest trade partner, is angry, too. The European Commission is considering forcing hacked companies to reveal their woes to the authorities.

The Chinese government has always hotly denied the accusations. Its officials say the accusers have never produced hard evidence. Now that has changed as Mandiant, an American cyber-security firm, released a detailed report on February 19th describing the activities of a curious group of hackers. Through its work protecting Western firms, Mandiant observed how these hackers broke into dozens of company networks over many years to steal vast amounts of intellectual property (IP). The bombshell is the claim, denied by the government, that this gang is actually an elite division of the People’s Liberation Army (PLA), known as Unit 61398, based in an innocuous white office building near Shanghai’s financial district (see picture).
The report is worth taking seriously for several reasons. First, Mandiant has a sound pedigree: it shot to prominence by tracing the long-term hacking of the New York Times, revealed last month, back to Chinese officialdom. And, unlike previous accusers, it has meticulously documented the hackers’ methods and malware. Though the hackers (known as the “Comment Crew”) used nearly 1,000 remote servers in over a dozen countries, Mandiant traced them to networks in Shanghai near the army compound.

Source and read more:

0 yorum: