Feeds

China breaks ceasefire, restarts hacking US government

Officials say it's time to move beyond 'jaw jaw'

Build a business case: developing custom apps

After a three-month hiatus, Chinese hackers are once again targeting US government sites, according to government officials and the security firm that first uncovered the attacks.

"They dialed it back for a little while, though other groups that also wear uniforms didn't even bother to do that," Kevin Mandia, the chief executive of Mandiant, told The New York Times. "I think you have to view this as the new normal."

Mandiant identified the hacking attacks as coming from Unit 61398 (also known as the 2nd Bureau of the People's Liberation Army's General Staff Department's 3rd Department). The attack team has used its time off to tweak its code slightly, the company said, and has set up new command and control servers. Attacks are at about 70 per cent of prior levels, Mandiant reports.

Unit 61398 is thought to be behind the attacks on the NYT, as well as successfully infiltrating RSA's SecureID system to enable a break-in at Lockheed Martin's servers. After being publicly identified, the group went dark, and the Chinese government insisted that it was more sinned against than sinning.

Government officials who spoke to the NYT said that patience with the Chinese hackers is running out. A report recommending action is due out on Wednesday from President Obama's former director of national intelligence, Dennis Blair, and former ambassador to China and Republican presidential candidate Jon Huntsman.

"Jawboning alone won't work," Mr. Blair said on Saturday. "Something has to change China's calculus."

Quite what the administration is prepared to do, however, remains in question. While the Pentagon has said it views some hacking attacks as worthy of a physical response, it's hard to imagine any such action would be taken against China or other nations engaging in hacking.

"It is becoming ever clearer that nation-states are institutionalizing cyberespionage and cyberwarfare," Torsten George, VP at security risk management vendor Agiliance told El Reg.

"Government secrets, high-value infrastructure assets, corporate data, IP, customer data are all continually at risk. Incoming threats are not volleys, they are akin to silent AK-47 automatic rifle fire, continuous and destructive."

It's not as though the US doesn't engage in this sort of behavior itself, as we've seen with the Stuxnet attacks. Admittedly, the US hasn't embraced such attacks for purely economic advantage (that we know about for sure) but the government seems to have had enough with China.

"This is something we are going to have to come back at time and again with the Chinese leadership," an official told the NYT, saying China will "have to be convinced there is a real cost to this kind of activity." ®

Next gen security for virtualised datacentres

More from The Register

next story
Boffins attempt to prove the UNIVERSE IS JUST A HOLOGRAM
Is this the real life? Is this just fantasy?
China building SUPERSONIC SUBMARINE that travels in a BUBBLE
Shanghai to San Fran in two hours would be a trick, though
Our LOHAN spaceplane ballocket Kickstarter climbs through £8000
Through 25 per cent but more is needed: Get your UNIQUE rewards!
LOHAN Kickstarter push breaks TWELVE THOUSAND POUNDS
That's right, folks, you've stumped up OVER 9000 beer tokens - and counting
SpaceX prototype rocket EXPLODES over Texas. 'Tricky' biz, says Elon Musk
No injuries or near injuries. Flight stayed in designated area
Galileo, Galileo! Galileo, Galileo! Galileo fit to go. Magnifico
I'm just a poor boy, nobody loves me. But at least I can find my way with ESA GPS by 2017
Astronomers scramble for obs on new comet
Amateur gets fifth confirmed discovery
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.