Thursday, February 21, 2013

Uncomfirmable Chinese Cyberware Unit implicated in US Cyberware attacks

Emblem of the People's Liberation Army
Emblem of the People's Liberation Army (Photo credit: thewamphyri)

 Occupy Corporatism  Susanne Posel

Mandiant Corp. claims to be the “ONLY information security company” that can inform a corporation when they have been compromised and explain the nature of such a breach. Mandiant has released a report stating that they “have analyzed . . . hundreds of investigations” that convince the firm that “the groups conducting these activities are based primarily in China and that the Chinese Government is aware of them.”
The Chinese corporation APT1 was alleged as having syphoned data from 141 corporations with more than 110 of those companies being American based while Canadian and British corporations were also reported to have been affected. Mandiant maintains that hackers responsible for these attacks were sponsored by the People’s Liberation Army (PLA) of China, under the cyberware division “Unit 61398”.
The Unit 61398 was previously known as the 2nd Bureau of the People’s Liberation Army’s General Staff Department’s 3rd Department cannot be confirmed because there no references to them in documents; however intelligence operatives assert that this group is central to Chinese espionage. Project 2049 Institute, a non-governmental organization (NGO) claimed that they are the “premier entity targeting the United States and Canada, most likely focusing on political, economic, and military-related intelligence.”
The Unit 61398 is purported to be located in Shanghai’s Pudong district, which is the center of the financial and banking core in China.
The Project 2049 Institute was established in 2008 to influence “decision makers toward a more secure Asia by the century’s mid-point.” They also provide information for the formation of public policy through research and suggested policy solutions.
On their Board of Directors are members of the Heritage Foundation, DynCorp, BAE Systems and a former deputy assistant of the US Department of Defense (DoD).
The report states: “Our research found that People’s Liberation Army (PLA’s) Unit 61398 is similar to APT1 in its mission, capabilities, and resources. PLA Unit 61398 is also located in precisely the same area from which APT1 activity appears to originate.”
Spear-phishing techniques have been employed by hackers because it grants access to internal servers.
Kevin Mandia, founder and chief executive of Mandiant said: “Either they are coming from inside Unit 61398, or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
According to intelligence expert David Wise, China and the US have been engaged in a cyber-espionage war behind closed doors. The Chinese government, Wise explains, will send spies to targeted locations to syphon data by the way of hackers and surveillance; whereas the US government “would target . . . with satellites and produce reams of data.”
Kaspersky Lab has uncovered Operation Red October, (Rocra) a 5 year scheme by the Chinese and Russians to steal diplomatic, industrial and scientific data from Eastern Europe, North America and Asian organizations. Beginning in 2007, intelligence gathering operations were conducted in the form of attacks by cyber criminals toward Western nations. The thought is that this is in retribution on behalf of Iran for the damage caused to their country.
Kaspersky said: “The information we have collected so far does not appear to point toward any specific location; however, two important factors stand out: The exploits appear to have been created by Chinese hackers, (and) the Rocra malware modules have been created by Russian-speaking operatives.”
Although Kaspersky Lab admits that these attacks have not definitively been connected to China or Russia, it is assumed that the data collected would be yield a high price on the black market.
Kaspersky stated: “The information stolen by the attackers is obviously of the highest level and includes geopolitical data which can be used by nation states. Such information could be traded in the underground and sold to the highest bidder, which can be, of course, anywhere.”
The US House Intelligence Committee (USHIC) is warning American corporations in a new report against conducting business with 2 Chinese firms because of national security threats. Both Huawei Technologies and ZTE, two of the world’s largest telecommunications corporations and suppliers of cellular phones and technology are being highlighted by the US government and blamed for cyber-attacks. It is also claimed by the USHIC that they are involved in digital espionage.
According to the report, “China has the means, opportunity, and motive to use telecommunications companies for malicious purposes. . . . The investigation concludes that the risks associated with Huawei’s and ZTE’s provision of equipment to U.S. critical infrastructure could undermine core U.S. national-security interests.”
It is claimed that former industry insiders provided intelligence to the US concerning Huawei’s violations of US laws such as immigration, bribery and corruption as well as an alleged “pattern and practice” using pirated software in its US satellites.
It was cited in the report that the Chinese corporations were employing intelligence sources as well as private sector companies and other unnamed entities that could and assumedly did steal trade secrets, sensitive information and prehistory data while simultaneously shipped infected hard ware and software to the US with the intent to cause disruptions in national security during war time.
Involved in the block against Huawei and ZTE is Timothy Geithner, US Treasury Secretary and shill for the Technocrats. Geithner who sits on a multi-agency regulatory panel called the Committee on Foreign Investment in the United States (CFIUS) has flagged these two Chinese corporations for national security threats.
The USHIC stated that they were not satisfied with the explanation given by the 2 corporations as to their relationship with the Chinese government and possible covert operations. Huawei retorts that this latest attack on Chinese technological and digital infrastructure is a cover for the crimes being committed by the US in conjunction with the Zionist regime, a.k.a. the Israeli government, with regard to the cyber-attacks on Iran.
Enhanced by Zemanta

Tuesday, February 19, 2013

China's Army controls a multitude of cutting-edge hackers...


BHP CEO Marius Kloppers steps down

BHP Billiton's chief executive has announced he will retire in May as the mining giant posted a 58 per cent fall in first half profit.

Google shares top $US800 for first time

GOOGLE'S shares hit $804.00 for the first time despite negative ad campaigns from Microsoft, while Wall St hits a five-year high.


Bendigo and Ade..10.42.26%
Flight Centre33.421.89%
Fleetwood Corp9.6-3.72%
Lend Lease Group10.2-2.12%
Wesfarmers Ltd39.29-1.68%
ComputershareChina's army control hundreds of
The Chinese army controls hundreds of hackers according to a US based IT security firm.  Picture: Annette Dew
CHINA'S army controls hundreds if not thousands of cutting-edge hackers, according to a report by a US Internet security firm.
Virginia-based Mandiant Corp said its hundreds of investigations showed that groups hacking into US newspapers, government agencies, and companies "are based primarily in China and that the Chinese government is aware of them".
The 74-page report focused on one group, which it called "APT1" from the initials "Advanced Persistent Threat". The New York Times, citing experts, said the group was targeting crucial infrastructure such as the US energy grid.
"We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support," Mandiant said.
The group, it said, was believed to be a branch of the People's Liberation Army called Unit 61398, and digital signatures from its cyberattacks were traced back to the direct vicinity of a nondescript, 12-story building on the outskirts of Shanghai.
"We believe the totality of the evidence we provide in this document bolsters the claim that APT1 is Unit 61398," it said, estimating it is "staffed by hundreds, and perhaps thousands of people".
China's defence ministry said its army had never supported any kind of hacking activity.
"Not only are reports that China's army has been involved in hacking unprofessional, they do not fit with the facts," the ministry said in a statement.
"Hacking attacks are a global problem. Like other countries, China also faces the threat of hacking attacks, and is one of the main countries falling victim to hacking attacks."
The country's foreign ministry rejected "groundless accusations" of Chinese involvement in hacking and also said China was itself a major victim, with most overseas cyberattacks against it originating in the US.
The Pentagon declined to comment directly on the report but said Defence Secretary Leon Panetta had voiced US dismay over digital threats in his visit to Beijing last year.
"We have repeatedly raised our concerns at the highest levels about cyber theft with senior Chinese officials, including the military, and we will continue to do so," spokesman George Little told reporters.
A series of brazen IT attacks on America's most high-profile media outlets, reported byThe New York Times and the Wall Street Journal, as well as on Twitter and others, have revived concerns over Chinese hackers.
The Times said hackers stole its corporate passwords and accessed the personal computers of 53 employees after the newspaper published a report on the family fortune of China's Premier Wen Jiabao.
Clients including The Times have hired Mandiant to clean up their systems after cyberattacks.
In its report, Mandiant alleged that APT1 - known also as "Comment Crew" for its practice of planting viruses on the comment sections of websites - has stolen hundreds of terabytes of data from at least 141 organisations spanning 20 industries.
The Times, which was given early access to the report, said the researchers had found that the Comment Crew was increasingly focused on companies involved in US infrastructure, including in its electrical power grid, gas lines and water works.
One target, the newspaper reported, was a company with remote access to more than 60 per cent of oil and gas pipelines in North America.
In his State of the Union address last week, US President Barack Obama said the potential ability of outsiders to sabotage critical US infrastructure was a major concern.
"We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy," he said.
The building pinpointed as the hacking HQ sits in Shanghai's northern suburb of Gaoqiao, near a petrochemical complex and surrounded by small shops.
There is no name plate outside, but framed posters showing soldiers are displayed on a high wall surrounding the complex, while the Chinese PLA's symbol of a red star is mounted over the main door of the building.

Read more: