The cybersecurity firm whose blockbuster reports claimed that the Chinese army was barraging the U.S. with online attacks says that unit "took a vacation"—but now it's back.

The cybersecurity firm whose blockbuster reports claimed that the Chinese army was barraging the U.S. with online attacks says that unit "took a vacation"—but now it's back.

The mysterious Unit 61398, located outside Shanghai, “went quiet for a while," Richard Bejtlich, Chief Security Officer at cybersecurity firm Mandiant, said at a Center for National Policy talk Wednesday. "But over the course of the last several weeks," he said, "they seem to be trying to get back into some of their old targets.”

Government officials and security firms have claimed for years that the majority of cyber attacks on U.S. companies come from China. (The Chinese government, for its part, both denies any official involvement and says it's the U.S. that attacks them.) But in February, Mandiant, a major firm with significant government consulting ties, made a bold, blockbuster claim: that Unit 61398, where an overwhelming number of attacks on the U.S. originate, was almost certainly a single building on a People's Liberation Army campus.

Lawmakers have long cited Mandiant's findings to call for increased cybersecurity laws. In particular, Mike Rogers (R-Mich.), sponsor of the controversial Cyber Intelligence Sharing and Protection Act (CISPA), has cited Mandiant's expertise since at least 2011. Mandiant's major report was released in February 2013, and may have helped CISPA pass its House vote two months later. While CISPA has since died in the Senate, politicians who call for new cybersecurity laws still refer to Chinese attacks as the major reason why.

It's unclear if the attacks ceased in direct response to Mandiant had calling out Unit 61398. Bejtlich said that while they changed their methods, "they have no changed appreciatively."

He said there's an apparent mentality for those hackers to keep using what works, and noted that many American companies are as vulnerable now as they were a few months ago. "In some cases, they're using the same infrastructure they were using before," Bejtlich said.

H/T L.A. Times | Photo via Center for National Policy

Promoted Stories Powered by Sharethrough
Layer 8
A female Lebanese news anchor was told to shut up—here's what she did instead
Rima Karaki is a Lebanese TV host who isn't afraid of a fight. Things got heated Monday when Karaki was interviewing Hani Al-Seba'i about the phenomenon of Christians joining Islamic groups like ISIS. Al-Seba’i is a Sunni scholar who fled to London after he was sentenced in an Egyptian court to 15 years in prison for being a part of the Egyptian Islamic Jihad. The United Nations considers the group to be an affiliate of al Qaeda.
China turns the tables on U.S. cyberattack accusations
In the world of alleged state-on-state mass hacking attacks, the accuser has become the accused.
The Latest From Daily Dot Video

Pure, uncut internet. Straight to your inbox.

Thanks for subscribing to our newsletter!