- Jeff Bezos’ girlfriend allegedly sent his nudes to her brother, who then leaked them Saturday 6:38 PM
- This Instagram account catches influencers in the wild Saturday 5:42 PM
- The best upcoming video games to look out for in February 2020 Saturday 5:23 PM
- TikTok teens use AirPods and Google Translate to secretly talk in class Saturday 4:32 PM
- Video shows corpses of coronavirus victims lying in China hospital Saturday 3:44 PM
- Kid meets Slipknot after drumming video goes viral Saturday 2:30 PM
- Channing Tatum responds to troll who tried to compare Jenna Dewan and Jessie J’s looks Saturday 1:46 PM
- Grindr pulls an ‘I don’t know her’ after Eminem suggests he uses the app Saturday 12:48 PM
- Here are the top 10 most popular Instagram models in 2020 Saturday 12:21 PM
- ‘The Chilling Adventures of Sabrina’ takes its characters on a fantasy adventure to Hell in season 3 Saturday 11:37 AM
- Woman no longer in sorority, school after racist MLK post Saturday 10:45 AM
- Netflix’s ‘Miss Americana’ starts to deconstruct the myth of Taylor Swift Saturday 10:32 AM
- Teens charged with attempted arson after participating in TikTok ‘outlet challenge’ Saturday 8:56 AM
- ‘American Dirt’ is a metaphor for a white country built on the back of immigrants Saturday 6:00 AM
- This woman told two students to ‘speak English’ and people are not having it Friday 9:53 PM
China denies sponsoring hacking attacks against U.S. companies
The Chinese government flatly denies a U.S. security firm’s claim that the Chinese military has been running a large-scale hacking attack against U.S. industries.
A major cybersecurity contractor released a report Tuesday that traced an enormous hacking operation against U.S. companies to a single Chinese army building.
The report provided ammunition for U.S. lawmakers who believe the country needs new cybersecurity laws to deal with foreign threats, including the sponsors of the controversial Cyber Intelligence Security Protection Act (CISPA).
But Chinese officials deny that the attacks were government-sponsored.
China’s Department of Defense issued a reply to cybersecurity consultant Mandiant’s report on Wednesday, saying that while it’s possible some cyber attacks have come from China, they weren’t official; the Chinese army doesn’t do that sort of thing.
“Chinese law forbids hacker attacks, or any breach of Internet security,” according to the country’s release. “The Chinese government has always resolutely cracked down on criminal activities, and the Chinese army has never supported any hacking.”
Mandiant released a thorough, 60-page case that tracked cyberattacks on U.S. networks to a single, 12-story military building outside of Shanghai: PLA Unit 61398. The purpose of the building is a state secret, but Mandiant even put forth a serious estimation of what’s inside: 130,663 square feet, more than 1,000 servers, plus linguists, open-source software experts, and experts from various industries targeted by the hacking attacks.
For instance, 97% of attackers used Simplified Chinese as their keyboard setting, 98% of hackers were identified by their Internet protocol (IP) addresses as coming from China, and 99.8% of those were traced to Shanghai—Unit 61398’s neighborhood in particular. “The sheer scale and duration of sustained attacks against such a wide set of industries from a singularly identified group based in China leaves little doubt,” the report said.
But China dismissed that IP address argument, noting, as many Internet rights activists do, that it’s easy to fake IP addresses, and it’s unfair to use them to identify a person. “As we all know, hacker attacks almost always steal IP addresses. It is common practice online,” the release said. It even noted that China itself is a common victim of cyber attacks, and that “a considerable number of attack sources from the United States, but we did not as a pretext to accuse the U.S.”
Mandiant did acknowledge it was relying on Occam’s Razor, and that there’s a small possibility that the attacks were coming from somewhere else nearby. If they don’t originate from an army building, it’s possible they weren’t, actually, state-sponsored. Though that’s unlikely, Mandiant said, it conceded it’s possible that:
A secret, resourced organization full of mainland Chinese speakers with direct access to Shanghai-based telecommunications infrastructure is engaged in a multi-year, enterprise scale computer espionage campaign right outside of Unit 61398’s gates, performing tasks similar to Unit 61398’s known mission.
Immediately after Mandiant’s report, lawmakers who have pushed for CISPA—a bill privacy advocates strongly object to—cited it as justification for their longstanding claims that the U.S. is often cyber-attacked by the Chinese government.
But the Chinese Department of Defense seemed to object to that talk.
“China has always attached great importance to international cooperation in cyberspace, to jointly combat cybercrime,” the release said. “Unilateral public accusations in the media, is not only ineffective, it undermines the climate of cooperation.”
Photo of Chinese Defense Minister Gen. Liang Guanglie via Wikimedia Commons
A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.