Washington: A day after enough evidence of Chinese cyber attacks directed at the US government came to the light, the White House on Wednesday is slated to release a report that would outline the strategy to deal with China’s “unrelenting campaign of cyber-stealing”.
Top US officials said that the report would entail a list of aggressive steps to tackle what they called an “unrelenting campaign of cyberstealing linked to the Chinese government”, said a news agency.
Mandiant, an American computer security on Monday released a detailed 60-page study that tied a secret Chinese military unit in Shanghai to years of cyber attacks against US companies.
Mandiant has detected more than 140 intrusions by the hackers’ group called as Shanghai Group or Comment Crew since 2006. Mandiant has also concluded that the hackers can be linked to the People's Liberation Army's Unit 61398.
The release of Mandiant's report, complete with details on three of the alleged hackers and photographs of one of the military unit's buildings in Shanghai, makes public what US authorities have said less publicly for years. But it also increases the pressure on the US to take more forceful action against the Chinese for what experts say has been years of systematic espionage.
The Chinese government, meanwhile, has denied involvement in the cyber-attacks tracked by Mandiant. Instead, the Foreign Ministry said that China, too, is a victim of hacking, some of it traced to the US Foreign Ministry spokesman Hong Lei cited a report by an agency under the Ministry of Information Technology and Industry that said in 2012 alone that foreign hackers used viruses and other malicious software to seize control of 1,400 computers in China and 38,000 websites.
"Among the above attacks, those from the US numbered the most," Hong said at a daily media briefing, lodging the most specific allegations the Chinese government has made about foreign hacking.
Cybersecurity experts say US authorities do not conduct similar attacks or steal data from Chinese companies, but acknowledge that intelligence agencies routinely spy on other countries.
Mandiant said there are only two viable conclusions about the involvement of the Chinese military in the cyberattacks: Either Unit 61398 is responsible for the persistent attacks or they are being done by a secret organization of Chinese speakers with direct access to the Shanghai telecommunications infrastructure who are engaged in a multi-year espionage campaign being run right outside the military unit's gates.
"In a state that rigorously monitors Internet use, it is highly unlikely that the Chinese government is unaware of an attack group that operates from the Pudong New Area of Shanghai," the Mandiant report said, concluding that the only way the group could function is with the "full knowledge and cooperation" of the Beijing government.
The unit "has systematically stolen hundreds of terabytes of data from at least 141 organizations," Mandiant wrote. A terabyte is 1,000 gigabytes. The most popular version of the new iPhone 5, for example, has 16 gigabytes of space, while the more expensive iPads have as much as 64 gigabytes of space. The US Library of Congress' 2006-2010 Twitter archive of about 170 billion tweets totals 133.2 terabytes.
Mandiant's report is filled with high-tech details and juicy nuggets that led to its conclusion, including the code names of some of the hackers, like Ugly Gorilla, Dota and SuperHard, and that Dota appears to be a fan of Harry Potter because references to the book and movie character appear as answers to his computer security questions.
The White House would not comment on the report expected Wednesday.
With Agency Inputs
First Published: Wednesday, February 20, 2013, 09:40