Chinese Hackers Resume Their Attacks
After a temporary pause in operations, China is allegedly hacking the same companies and government agencies that the country was singled out for three months earlier, reports The New York Times.
According to the paper, Unit 61398 is at it again, and Mandiant—the security company that worked with The New York Times on previous reports of security breaches stemming from the People’s Liberation Army—is saying that the hackers are “operating at 60 percent to 70 percent of the level they were working at before.”
What’s surprising is that the hackers aren’t exactly coming up with creative new ways to lure potential victims. In fact, they are supposedly using the same software they previously used, albeit with a few minor code adjustments.
Let this be a lesson to all of you out there who are not following proper security protocol. The hackers have been targeting “small Internet service providers and mom-and-pop shops whose owners do not realize that by failing to rigorously apply software patches for known threats, they are enabling state-sponsored espionage.”
For more details on how exactly the hackers are doing their dirty work, Computerworld has posted an engaging piece that quotes from Dan McWhorter, Mandiant’s managing director of threat intelligence. McWhorter describes how the Chinese hackers “have become adept at stealing legitimate corporate network credentials and then using them to log in as an employee.”
Once the hackers get what they need, they are able to cover their tracks without being detected, and the unsuspecting company or agency is left none the wiser.
Keep in mind that not all Chinese hackers are simply targeting foreign corporations and governments. The Washington Post reports that “freelance and industrial hackers operating within China” have cost the country $873 million, according to a Tsinghua University study.
The premise behind the Washington Post’s article is that, since the Chinese government seems to be encouraging hacking on foreign entities, it makes sense that the country’s tolerance for cyber espionage is pretty high. Given that Chinese companies are encouraged to be hypercompetitive, it would be strange if these companies were not actively hacking one another in an attempt to gain the upper hand.
All this matches up with the The Financial Times’s portrait of modern-day Chinese hackers. While it’s easy to think of Chinese hackers operating in unison to take down any entity Chinese authorities want infiltrated, the truth is that many companies are using hackers to engage in corporate warfare with each other.
From The Financial Times:
'Some assessments seek to create the impression that China conducts cyber espionage in a highly organised way with a tight command structure, but that is just not true,' says an official at a US industry association.
He says the military unit portrayed by Mandiant as a spider at the centre of a giant web is just one actor in a thriving but chaotic Chinese hacking ecosystem with many different private and state actors. 'One key driver is a set of national policies that call for innovation and the development and acquisition of new technologies. This means there is an incentive for every company and every government institution to get their hands on IP, whatever it takes.'
