Chinese army hackers return from vacation, renew attacks on US
Being outed, public "shaming" by White House only yielded pause in hacks.
After being publicly exposed in February as the source of a
long list of cyberattacks on US companies and media organizations, the
Chinese People's Liberation Army's (PLA) Unit 61396 largely pulled back
from the networks the unit had infiltrated. But now, the New York Times reports,
the hackers are back in action using new techniques to go after many of
the same corporate and government targets they had infiltrated before.
The revived attacks come despite (or perhaps because of) the direct accusations leveled against China's military in a Pentagon report to Congress earlier this month. The White House approved "naming and shaming" the PLA unit in hopes that it would cause the Chinese government to take action. The move was part of an escalation of diplomatic pressure that began in March, when White House National Security Advisor Tom Donilon first publicly mentioned the Obama Administration's appeal to the Chinese government to "engage with us in a constructive dialogue" on cyber security.
"In 2012, numerous computer systems around the world, including those owned by the US government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military," the Pentagon report stated. "These intrusions were focused on exfiltrating information. China is using its computer network exploitation (CNE) capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support US national defense programs."
Cybersecurity firm Mandiant—the firm that assisted the Times in handling its own infiltration by Unit 61396—reports that the PLA's hackers are back in action, using new tools and command-and-control network. Mandiant also reported that Chinese hackers are now back at about 60 to 70 percent of previous activity levels.
The revived attacks come despite (or perhaps because of) the direct accusations leveled against China's military in a Pentagon report to Congress earlier this month. The White House approved "naming and shaming" the PLA unit in hopes that it would cause the Chinese government to take action. The move was part of an escalation of diplomatic pressure that began in March, when White House National Security Advisor Tom Donilon first publicly mentioned the Obama Administration's appeal to the Chinese government to "engage with us in a constructive dialogue" on cyber security.
"In 2012, numerous computer systems around the world, including those owned by the US government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military," the Pentagon report stated. "These intrusions were focused on exfiltrating information. China is using its computer network exploitation (CNE) capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support US national defense programs."
Cybersecurity firm Mandiant—the firm that assisted the Times in handling its own infiltration by Unit 61396—reports that the PLA's hackers are back in action, using new tools and command-and-control network. Mandiant also reported that Chinese hackers are now back at about 60 to 70 percent of previous activity levels.
No comments:
Post a Comment
Comments always welcome!