Despite Denials, China No Doubt Sponsored Hacks, Insists Mandiant
Feb 20, 2013 1:18 PM PT
A study on Chinese hacking practices issued by U.S. security firm Mandiant sent shock waves Wednesday through the technology and business worlds.
A large number of cyberattacks on American corporations, organizations and government agencies are coming from a building near Shanghai that houses, as The New York Times describes it, the "People's Liberation Army base for China's growing corps of cyberwarriors." Reuters, The Guardian and the Times were among those to report Tuesday on the Mandiant study's findings.
The 12-story structure is reportedly the headquarters for "P.L.A. Unit 61398." If the Mandiant report is accurate -- the Times said its findings were corroborated by American intelligence officials -- then it is difficult to imagine how it's not an indictment of the Chinese military.
In addition to Mandiant, other security firms have speculated that the group is "state-sponsored," according to the Times, whose article spanned five pages on its website. A National Intelligence Estimate issued for all 16 U.S. intelligence agencies suggested that the hacking groups are "either run by army officers" or are contractors.
Chinese officials are adamantly denying the charges, asserting yet again that their government doesn't engage in hacking. China's Defense Ministry claims the Mandiant accusations are flawed and unreliable, according to Reuters. The ministry said the report relied solely on linking IP addresses to reach a conclusion, adding "everyone knows that the use of usurped IP addresses to carry out hacking attacks happens" almost daily.
The ministry then pointed out that there is still no concrete international definition of "what consists of a 'hacking attack,'" which, in its eyes, further invalidates Mandiant's claims.
Google Faces EU Action Over Privacy
Regulators are particularly ticked about Google's melding of data across its platforms, based on claims from French privacy regulator CNIL. That move by Google combined 60 separate privacy policies into one. The company, which has long drawn the ire of European regulators, was given four months to revise its policy last October. Google said it has already complied with that policy; it told the BBC it "engaged fully" with CNIL and is still doing so.
A CNIL-led investigation has reportedly led to 12 recommendations for Google. Among them: Google should allow users to choose when their data is combined, and users should be able to opt out of having their data collected in this fashion.
Eastern European Bug Infects Apple
Some of Apple's internal Mac systems were infected by a malware attack that has been linked to "an Eastern European gang of hackers," according to Bloomberg.
At least 40 companies were reportedly targeted, including Facebook and Twitter. The hackers were trying to steal company secrets and intellectual property, Bloomberg reported.
Selective Updates to Occupy Melbourne Wiki Page
The Wikipedia page of Occupy Melbourne, an Australian version of Occupy Wall Street, was edited by someone using a City of Melbourne computer.
The edits removed "contentious words" from the page -- namely the word "peacefully" -- as well as a reference to how the protest was shut down, according to a report in The Age.
Sleuths with Occupy Melbourne discovered a City of Melbourne IP address; the City admitted it had indeed made the changes.