Feeds

China breaks ceasefire, restarts hacking US government

Officials say it's time to move beyond 'jaw jaw'

5 things you didn’t know about cloud backup

After a three-month hiatus, Chinese hackers are once again targeting US government sites, according to government officials and the security firm that first uncovered the attacks.

"They dialed it back for a little while, though other groups that also wear uniforms didn't even bother to do that," Kevin Mandia, the chief executive of Mandiant, told The New York Times. "I think you have to view this as the new normal."

Mandiant identified the hacking attacks as coming from Unit 61398 (also known as the 2nd Bureau of the People's Liberation Army's General Staff Department's 3rd Department). The attack team has used its time off to tweak its code slightly, the company said, and has set up new command and control servers. Attacks are at about 70 per cent of prior levels, Mandiant reports.

Unit 61398 is thought to be behind the attacks on the NYT, as well as successfully infiltrating RSA's SecureID system to enable a break-in at Lockheed Martin's servers. After being publicly identified, the group went dark, and the Chinese government insisted that it was more sinned against than sinning.

Government officials who spoke to the NYT said that patience with the Chinese hackers is running out. A report recommending action is due out on Wednesday from President Obama's former director of national intelligence, Dennis Blair, and former ambassador to China and Republican presidential candidate Jon Huntsman.

"Jawboning alone won't work," Mr. Blair said on Saturday. "Something has to change China's calculus."

Quite what the administration is prepared to do, however, remains in question. While the Pentagon has said it views some hacking attacks as worthy of a physical response, it's hard to imagine any such action would be taken against China or other nations engaging in hacking.

"It is becoming ever clearer that nation-states are institutionalizing cyberespionage and cyberwarfare," Torsten George, VP at security risk management vendor Agiliance told El Reg.

"Government secrets, high-value infrastructure assets, corporate data, IP, customer data are all continually at risk. Incoming threats are not volleys, they are akin to silent AK-47 automatic rifle fire, continuous and destructive."

It's not as though the US doesn't engage in this sort of behavior itself, as we've seen with the Stuxnet attacks. Admittedly, the US hasn't embraced such attacks for purely economic advantage (that we know about for sure) but the government seems to have had enough with China.

"This is something we are going to have to come back at time and again with the Chinese leadership," an official told the NYT, saying China will "have to be convinced there is a real cost to this kind of activity." ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Boffins attempt to prove the UNIVERSE IS JUST A HOLOGRAM
Is this the real life? Is this just fantasy?
Our LOHAN spaceplane ballocket Kickstarter climbs through £8000
Through 25 per cent but more is needed: Get your UNIQUE rewards!
Software bug caught Galileo sats in landslide, no escape from reality
Life had just begun, code error means Russia's gone and thrown it all away
LOHAN tunes into ultra long range radio
And verily, Vultures shall speak status unto distant receivers
SpaceX prototype rocket EXPLODES over Texas. 'Tricky' biz, says Elon Musk
No injuries or near injuries. Flight stayed in designated area
Galileo, Galileo! Galileo, Galileo! Galileo fit to go. Magnifico
I'm just a poor boy, nobody loves me. But at least I can find my way with ESA GPS by 2017
EOS, Lockheed to track space junk from Oz
WA facility gets laser-eyes out of the fog
prev story

Whitepapers

Gartner critical capabilities for enterprise endpoint backup
Learn why inSync received the highest overall rating from Druva and is the top choice for the mobile workforce.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.