February 20, 2013

White House weighs trade actions against China over cyberespionage

The White House is expected to suggest aggressive steps Wednesday in response to evidence that China's military is stealing government and corporate data.

The Associated Press

(Continued from page 1)

click image to enlarge

A U.S. security firm alleges that years of systematic cyberattacks on U.S. companies have been traced to the Chinese military unit in this building on Shanghai’s outskirts.

The Associated Press

APPLE, MACS HIT IN MALWARE ATTACK

Apple says a small number of Mac computers at its offices were infected by malicious software, in an attack similar to the one Facebook acknowledged last week.

In both cases, computers were infected through software downloaded from a site for software developers. The attacks took advantage of flaws in the Java plug-in for Web browsers.

Neither company said that there was any evidence that the attackers gleaned any data from their attacks.

The Java vulnerability is well known, and Apple has taken measures to disable the plug-in on all Macs. It says it would release an update malware removal tool to remove infections.

In January, the U.S. Department of Homeland Security recommended disabling Java in Web browsers to avoid hacking attacks.

– The Associated Press

Mandiant said there are only two viable conclusions about the involvement of the Chinese military in the cyberattacks: Either Unit 61398 is responsible for the persistent attacks or they are being done by a secret organization of Chinese speakers with direct access to the Shanghai telecommunications infrastructure who are engaged in a multi-year espionage campaign being run right outside the military unit's gates.

"In a state that rigorously monitors Internet use, it is highly unlikely that the Chinese government is unaware of an attack group that operates from the Pudong New Area of Shanghai," the Mandiant report said, concluding that the only way the group could function is with the "full knowledge and cooperation" of the Beijing government.

The unit "has systematically stolen hundreds of terabytes of data from at least 141 organizations," Mandiant wrote. A terabyte is 1,000 gigabytes. The most popular version of the new iPhone 5, for example, has 16 gigabytes of space, while the more expensive iPads have up to 64 gigabytes of space. The Library of Congress' 2006-2010 Twitter archive of about 170 billion tweets totals 133.2 terabytes.

Richard Bejtlich, the chief security officer at Mandiant, said the company decided to make its report public in part to help send a message to both the Chinese and U.S. governments.

He said the release of an unclassified report that provides detailed evidence will allow authorities to have an open discussion about what to do.

The White House would not comment on the report expected Wednesday.

 

Were you interviewed for this story? If so, please fill out our accuracy form

Send question/comment to the editors




Further Discussion

Here at PressHerald.com we value our readers and are committed to growing our community by encouraging you to add to the discussion. To ensure conscientious dialogue we have implemented a strict no-bullying policy. To participate, you must follow our Terms of Use.

Questions about the article? Add them below and we’ll try to answer them or do a follow-up post as soon as we can. Technical problems? Email them to us with an exact description of the problem. Make sure to include:
  • Type of computer or mobile device your are using
  • Exact operating system and browser you are viewing the site on (TIP: You can easily determine your operating system here.)