Domain: mandiant.com
Stories and comments across the archive that link to mandiant.com.
Comments · 8
-
Re:Glory to Arstotzka!
China's massive espionage ends at their borders, outside there it's just the usual
This exhaustively researched report claims the Chinese army has a division that actively hacks Western corporations to steal their data:
While China is behind the NSA in some regards, they are beyond it in others. I think 'comparable' is appropriate.
-
Re:Oh well, it was nice while it lasted...
-
Yeah, whatever China.
The Mandiant report was pretty damning.
"In over 97% of the 1,905 times Mandiant observed APT1 intruders connecting to their attack infrastructure, APT1 used IP addresses registered in Shanghai and systems set to use the Simplified Chinese language."
Oh, sure, it's probably just random hackers that really like that network...Here's an update:
https://www.mandiant.com/blog/apt1-months-significantly-impacted-active-rebuilding/ -
Re:Full Retard Mode Activate!
Besides violating over a dozen international treaties...
Untrue. There are exceptions to WTO treaty obligations, one of which includes national security.
...an unsubstantiated claim that there may be espionage/surveillance capability built into some devices.And let me be clear: No government or private agency has come forward with conclusive proof that any product made in China for commercial resale has these capabilities built into it at the direction of the Government.There were many claims from many different parties that the Chinese government engaged in active spying/covert intelligence gathering on New York Times, Google, RSA. And those are just the ones we know. Lets also not forget the Mandiant Report that caused such a reaction online not too long ago. None of this is conclusive proof but it sure is a great cause for concern.
The economic and political rammifications of this are being glossed over -- this action doesn't just affect our relationship with China, but with any country we do business with, because they signed the same treaties, and now they're looking at our unilateral action and thinking: What makes us think the US won't renege on their deal with us?
The consequences you paint may well be overblown. There is evidence that the US is not the only country worried about China's activities. Australia, for example, has blocked Huawei from bidding for work on its $38 billion national broadband network, for the same security fears. Germany has sent representatives to the Chinese Government to ask them to stop, unofficially. Even the UK is so worried about the China spying problem that Jonathan Evans, director general of MI5 publicly warned that the West now faces an "astonishing" cyber espionage threat on an "industrial scale" from specific nation states.
Given that China itself uses national security as a reason for imposing restrictions on foreign commercial activities on its shores, I really don't think there is any basis to complain about the present measures introduced by the US.
-
Re:So lets recap shall we?
and I've yet to see evidence to the contrary. Hyperbole, allegations, lies
.. these all come in droves. Proof? Not a dropDid you see the Mandiant info release of a few weeks ago?
http://intelreport.mandiant.com/ -
How truth is made
1. Some company gets hacked
2. Some security company (Mandiant) investigates and makes a non-peer-reviewed report (PDF) with very thin evidence that jumps to conclusions
3. Sensational press repeats claims from report without investigating
4. Government uses "evidence" of what now seems a big problem and a certain source to start a war
5. Profit...I'd like some smart Slashdot reader to read the report and tell us what you think. It contains a lot of random facts and then draws some very unscientific conclusions. I think it was written starting with the conclusions, then finding facts to "support" it.
-
Actual Report HereDirect Link to the 6.8 MB PDF file here.
Mandiant page with appendix and hashes for their materials here.
I was reading through this last night and it contains some interesting details, but is also something of an advertisement for Mandiant's services. Some highlights:- The name of the group is People's Liberation Army Unit 61398 in Shanghai, and Mandiant has found that one of their personas uses easy to remember passwords for the many accounts he sets up, including a sort of mnemonic for the unit's number (“2j3c1k” likely stands for 2 ju 3 chu 1 ke, which likely stands for 2nd Bureau, 3rd Division, 1st Section, which is the official name of Unit 61398). The majority of attacks come from the neighborhood where this unit is based, and they have been supplied with "special" fiber connections "in the name of national defense."
- The group is focused on the U.S. and Canada, and is mostly interested in attacking the information technology industry, but has taken an interest in aerospace, public administration, satellites and telecom, scientific research, energy and transportation.
- They include interesting profiles of three "personas" known to be involved in the units attacks: Malware author "Ugly Gorilla" (a.k.a. "Wang Dong"), hacker "DOTA" (whose gmail account they claim to have broken into, and they provide a screenshot) and tool author "SuperHard" (Mei Qiang).
- The group uses the term “rouji,” which translates to "Meat Chicken," in their software to refer to infected computers.
-
Actual Report HereDirect Link to the 6.8 MB PDF file here.
Mandiant page with appendix and hashes for their materials here.
I was reading through this last night and it contains some interesting details, but is also something of an advertisement for Mandiant's services. Some highlights:- The name of the group is People's Liberation Army Unit 61398 in Shanghai, and Mandiant has found that one of their personas uses easy to remember passwords for the many accounts he sets up, including a sort of mnemonic for the unit's number (“2j3c1k” likely stands for 2 ju 3 chu 1 ke, which likely stands for 2nd Bureau, 3rd Division, 1st Section, which is the official name of Unit 61398). The majority of attacks come from the neighborhood where this unit is based, and they have been supplied with "special" fiber connections "in the name of national defense."
- The group is focused on the U.S. and Canada, and is mostly interested in attacking the information technology industry, but has taken an interest in aerospace, public administration, satellites and telecom, scientific research, energy and transportation.
- They include interesting profiles of three "personas" known to be involved in the units attacks: Malware author "Ugly Gorilla" (a.k.a. "Wang Dong"), hacker "DOTA" (whose gmail account they claim to have broken into, and they provide a screenshot) and tool author "SuperHard" (Mei Qiang).
- The group uses the term “rouji,” which translates to "Meat Chicken," in their software to refer to infected computers.