  1. #1
    Senior Member JohnDoe2's Avatar
    Join Date
    Aug 2008
    Location
    PARADISE (San Diego)
    Posts
    56,798

    Chinese group infiltrates vast number of companies’ computers, says report


    Tue, 2013-02-19 08:09 AM By: Mark Rockwell
    gsnmagazine.com/


    A huge, sprawling cyber espionage operation is emanating from a bureau of the Chinese army and employs dozens, if not hundreds, of hackers, but some of them are a little careless, a report by a U.S. cyber security company alleges.

    The cyber threat, from what Alexandria, VA-based Mandiant calls “APT1,” is only one of more than 20 groups with Chinese origins prowling the Internet and hacking into Western companies’ computer systems.

    In a report issued on Feb. 18, Mandiant said APT1 (Advanced Persistent Threat) has been operating since about 2006 and is one of the most prolific cyber spying groups in terms of the sheer quantity of information it has stolen. According to the report, APT1 has systematically pilfered hundreds of terabytes of data from at least 141 organizations around the globe.

    Mandiant was the cyber security company called in by the New York Times to investigate and run down the hackers that had infiltrated the newspaper’s computer system for months in 2012.

    During a Feb. 18 press briefing, Chinese Foreign Ministry spokesman Hong Lei called the Mandiant allegations “groundless.”

    Mandiant said it has directly observed the group’s hacking activity and posted an index of more than 3,000 APT1 indicators including domain names, IP addresses, X.509 encryption certificates and MD5 hashes of malware in APT1's arsenal of digital weapons, along with its 79-page report.

    The company said it believes APT1 is the 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department, which is most commonly known by its Military Unit Cover Designator (MUCD) as Unit 61398. It is, according to reports, housed in a nondescript 12-story office building on the seedy outskirts of Shanghai.

    Although the cyber spying mostly focused on a broad range of industries in English-speaking countries, there is a danger that the intrusions could extend to the electronic systems that control critical infrastructure.

    The report said APT1 maintains an extensive infrastructure of computer systems around the world that its operators continually use.

    The size of the infrastructure, it said, indicates that it’s being used by dozens, if not hundreds, of human operators. Some of those operators, it said, are sloppy, which shows the operation has human weaknesses. The company identified three of the “personas” it believes are associated with the group’s activities. It said a number of APT1 personas “made poor operational security choices, facilitating our research and allowing us to track their activities.” One of the operators, apparently a fan of the Harry Potter books and movies, used both “Harry” and “Poter [sic]” as answers to security questions when he set up email and other electronic accounts, it said.

    Those operators, it said, are some of the authors of APT1’s digital weapons and the registrants of the group’s malicious code and email accounts. They have expressed interest in China’s cyber warfare efforts and disclosed their locations to be the Pudong New Area of Shanghai, said Mandiant. Some have even used a Shanghai mobile phone number to register email accounts used in spear phishing campaigns.

    The study identified 937 APT1 C2 servers around the world that are actively listening or communicating programs, running on 849 distinct IP addresses. It added, however, it had evidence that suggested APT1 is running hundreds, and likely thousands, of other servers. The majority of those servers, according to the study, are concentrated in the U.S., where 109 were identified with APT1, and South Korea, where 11 more were identified. Other servers are located in Taiwan, Canada, Australia, Mexico, Norway and other countries, it said.

    In over 97% of the 1,905 times the company said it saw APT1 intruders connecting to their attack infrastructure, they were using IP addresses registered in Shanghai and systems set to use the Simplified Chinese language.

    http://www.gsnmagazine.com/node/28563?c=access_control_identification
    NO AMNESTY

    DON'T REWARD THE CRIMINAL ACTIONS OF MILLIONS OF ILLEGAL ALIENS

    BY GIVING THEM CITIZENSHIP

  2. #2
    Senior Member JohnDoe2's Avatar
    Join Date
    Aug 2008
    Location
    PARADISE (San Diego)
    Posts
    56,798
    U.S. to tackle trade secret theft from China, others



    Photo caption: U.S. Trade Representative Ron Kirk (L) and Acting Secretary of Commerce Rebecca Blank speak at a news conference during the 23rd session of the U.S.-China Joint Commission on Commerce and Trade in Washington in this file photo from December 19, 2012.
    Credit: Reuters/Joshua Roberts/Files

    By Doug Palmer
    Wed Feb 20, 2013 4:14pm EST

    WASHINGTON (Reuters) - The White House said on Wednesday it will step up diplomatic pressure and study whether tougher laws are needed to stop a wave of trade secret theft from China and other countries in a strategy that offered few new ideas for dealing with the threat.

    "Trade secret theft threatens American businesses, undermines national security and places the security of the U.S. economy in jeopardy," the White House said in a report that laid out its strategy. "These acts also diminish U.S. export prospects around the globe and put American jobs at risk."

    "Emerging trends indicate that the pace of economic espionage and trade secret theft against U.S. corporations is accelerating," the White House warned in the report, which listed threats to corporate intellectual property from cyber attacks and more conventional methods of economic espionage.

    The report did not specifically name any country as the main culprit. But it listed more than a dozen cases of trade secret theft by Chinese companies or individuals, far more than any other country mentioned in the report.

    U.S. corporate victims of the Chinese theft included General Motors, Ford, DuPont, Dow Chemical and Cargill.

    "For an economy like ours, that's going to win based on our innovation of what we produce and create, this is a critically important issue," U.S. Trade Representative Ron Kirk told Reuters in an interview ahead of the report's release.

    The Obama administration released the strategy one day after a U.S. computer security company said it believed a secretive Chinese military unit was behind a series of hacking attacks.

    China flatly denied the accusations made by the company, Mandiant, calling them "unprofessional." Its Defense Ministry said hacking attacks are a global problem and that China is one of the biggest victims of cyber assaults.

    Victoria Espinel, the White House intellectual property rights enforcement coordinator, said the new strategy coordinates and improves existing U.S. government efforts to protect the innovation that drives the American economy and supports jobs in the United States.

    Kirk said the problem of trade secret theft in China was a factor in the decisions by some U.S. companies to move operations back to the United States.

    The companies have "had very frank conversations with the Chinese, (saying) 'you know it's one thing to accept a certain level of copyright knock-offs, but if you're going to take our core technology, then we're better off being in our home country,'" Kirk told Reuters.

    http://www.reuters.com/article/2013/02/20/us-usa-trade-secrets-idUSBRE91J0T220130220
