- Netflix thriller ‘Earthquake Bird’ can’t solve its own mystery Monday 4:45 PM
- Goop is selling an expensive ‘restraining arts’ BDSM kit Monday 4:17 PM
- Body positivity actress Lili Reinhart calls out Photoshopping app Monday 3:42 PM
- ‘Rick and Morty’ zeroes in on connections and leans into familiar territory Monday 3:30 PM
- People are sharing photos of how much they’ve changed in a decade Monday 2:30 PM
- A few of our favorite things on Newegg are on sale for Black Friday Monday 2:15 PM
- Disney adds ‘Bob’s Burgers’ movie back to release schedule after accidentally yanking it Monday 2:02 PM
- Ocasio-Cortez launches petition demanding Stephen Miller’s resignation Monday 1:24 PM
- Prince Andrew’s defense against child sex crimes stokes conspiracy theory flames Monday 1:20 PM
- More people may be looking to cancel Disney+ than Netflix Monday 1:09 PM
- Monday Night Football: How to stream Chiefs vs. Chargers live Monday 1:00 PM
- After days of deadly protests, Iran implements ‘largest internet shutdown ever’ Monday 12:55 PM
- ‘Disney Plus and thrust’ is apparently the new Netflix and Chill Monday 12:32 PM
- Woman fired, sued after coworker shared their sexts Monday 12:22 PM
- Group running GoFundMe for border wall breaks ground without permits Monday 11:47 AM
China denies sponsoring hacking attacks against U.S. companies
The Chinese government flatly denies a U.S. security firm’s claim that the Chinese military has been running a large-scale hacking attack against U.S. industries.
A major cybersecurity contractor released a report Tuesday that traced an enormous hacking operation against U.S. companies to a single Chinese army building.
The report provided ammunition for U.S. lawmakers who believe the country needs new cybersecurity laws to deal with foreign threats, including the sponsors of the controversial Cyber Intelligence Security Protection Act (CISPA).
But Chinese officials deny that the attacks were government-sponsored.
China’s Department of Defense issued a reply to cybersecurity consultant Mandiant’s report on Wednesday, saying that while it’s possible some cyber attacks have come from China, they weren’t official; the Chinese army doesn’t do that sort of thing.
“Chinese law forbids hacker attacks, or any breach of Internet security,” according to the country’s release. “The Chinese government has always resolutely cracked down on criminal activities, and the Chinese army has never supported any hacking.”
Mandiant released a thorough, 60-page case that tracked cyberattacks on U.S. networks to a single, 12-story military building outside of Shanghai: PLA Unit 61398. The purpose of the building is a state secret, but Mandiant even put forth a serious estimation of what’s inside: 130,663 square feet, more than 1,000 servers, plus linguists, open-source software experts, and experts from various industries targeted by the hacking attacks.
For instance, 97% of attackers used Simplified Chinese as their keyboard setting, 98% of hackers were identified by their Internet protocol (IP) addresses as coming from China, and 99.8% of those were traced to Shanghai—Unit 61398’s neighborhood in particular. “The sheer scale and duration of sustained attacks against such a wide set of industries from a singularly identified group based in China leaves little doubt,” the report said.
But China dismissed that IP address argument, noting, as many Internet rights activists do, that it’s easy to fake IP addresses, and it’s unfair to use them to identify a person. “As we all know, hacker attacks almost always steal IP addresses. It is common practice online,” the release said. It even noted that China itself is a common victim of cyber attacks, and that “a considerable number of attack sources from the United States, but we did not as a pretext to accuse the U.S.”
Mandiant did acknowledge it was relying on Occam’s Razor, and that there’s a small possibility that the attacks were coming from somewhere else nearby. If they don’t originate from an army building, it’s possible they weren’t, actually, state-sponsored. Though that’s unlikely, Mandiant said, it conceded it’s possible that:
A secret, resourced organization full of mainland Chinese speakers with direct access to Shanghai-based telecommunications infrastructure is engaged in a multi-year, enterprise scale computer espionage campaign right outside of Unit 61398’s gates, performing tasks similar to Unit 61398’s known mission.
Immediately after Mandiant’s report, lawmakers who have pushed for CISPA—a bill privacy advocates strongly object to—cited it as justification for their longstanding claims that the U.S. is often cyber-attacked by the Chinese government.
But the Chinese Department of Defense seemed to object to that talk.
“China has always attached great importance to international cooperation in cyberspace, to jointly combat cybercrime,” the release said. “Unilateral public accusations in the media, is not only ineffective, it undermines the climate of cooperation.”
Photo of Chinese Defense Minister Gen. Liang Guanglie via Wikimedia Commons
A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.