Global Sources
EE Times-India
 
EE Times-India > EDA/IP
 
 
EDA/IP  

China ardently denies cyperspying accusations

Posted: 19 Jun 2014     Print Version  Bookmark and Share

Keywords:China  online espionage  cyber security 

It's possible that some of the attacks are spoofed, according to Laura Galante, manager of threat intelligence at Mandiant, who worked on both the February 2013 APT1 and an update published in April of this year.

Galante said in an interview with EE Times:

It took years to put together the APT1 report because we wanted it to be definitive. It's a matter of following breadcrumbs to find the larger story. The persona called Ugly Gorilla, say, would sign his malware tools and we'd see that a lot in 2010 and 2009. Then those signatures would fade out in 2011 and 2012, but we continued to see the same tools, so we'd look to see where he had posted under that name in an email or a message bloc or a domain registry or anywhere he might have used that name.

Mandiant was able to identify between 20 and 25 separate groups launching attacks on its customers outside China. The group nicknamed Comment Crew for the notations made in their malware tools, however "blew everyone else out of the water," Galante said.

"They specifically were so pervasive in networks of clients in the Fortune 50 or Fortune 500 that we felt it was clear there was something different about them," Galante said.

It's impossible to know for certain that the Comment Crew was working on the orders of Chinese government officials, but evidence tying it to specific attacks, the companies chosen as targets and the type of information stolen match up so closely with priorities or goals announced by the central government that it's hard to imagine anyone not working for the government would go to the trouble.

"Making a specific attribution takes a lot of work because you want to be right," Galante said. "But we did the research and were able to make a solid judgement of who might be supporting that activity."

The Mandiant report made enough of a splash, however, that China's dismissal of it as "groundless accusations" came not from a Foreign Ministry spokesman, but from Chinese Premier Li Keqiang, just two days after taking office.

Hacking is a "worldwide problem and in fact China itself is a main victim of such attacks," Li said at a press briefing March 15 shortly after being sworn in as Premier. "China does not support—in fact it is opposed to—hacking attacks."

- Kevin Fogarty
  EE Times


 First Page Previous Page 1 • 2 • 3



Comment on "China ardently denies cyperspying ac..."
Comments:  
*  You can enter [0] more charecters.
*Verify code:
 
 
Webinars

Seminars

Visit Asia Webinars to learn about the latest in technology and get practical design tips.

 

Go to top             Connect on Facebook      Follow us on Twitter      Follow us on Orkut

 
Back to Top