Monday, December 9, 2013
The Associated Press
(Continued from page 1)
A U.S. security firm alleges that years of systematic cyberattacks on U.S. companies have been traced to the Chinese military unit in this building on Shanghai’s outskirts.
The Associated Press
APPLE, MACS HIT IN MALWARE ATTACK
Apple says a small number of Mac computers at its offices were infected by malicious software, in an attack similar to the one Facebook acknowledged last week.
In both cases, computers were infected through software downloaded from a site for software developers. The attacks took advantage of flaws in the Java plug-in for Web browsers.
Neither company said that there was any evidence that the attackers gleaned any data from their attacks.
The Java vulnerability is well known, and Apple has taken measures to disable the plug-in on all Macs. It says it would release an update malware removal tool to remove infections.
In January, the U.S. Department of Homeland Security recommended disabling Java in Web browsers to avoid hacking attacks.
– The Associated Press
Mandiant said there are only two viable conclusions about the involvement of the Chinese military in the cyberattacks: Either Unit 61398 is responsible for the persistent attacks or they are being done by a secret organization of Chinese speakers with direct access to the Shanghai telecommunications infrastructure who are engaged in a multi-year espionage campaign being run right outside the military unit's gates.
"In a state that rigorously monitors Internet use, it is highly unlikely that the Chinese government is unaware of an attack group that operates from the Pudong New Area of Shanghai," the Mandiant report said, concluding that the only way the group could function is with the "full knowledge and cooperation" of the Beijing government.
The unit "has systematically stolen hundreds of terabytes of data from at least 141 organizations," Mandiant wrote. A terabyte is 1,000 gigabytes. The most popular version of the new iPhone 5, for example, has 16 gigabytes of space, while the more expensive iPads have up to 64 gigabytes of space. The Library of Congress' 2006-2010 Twitter archive of about 170 billion tweets totals 133.2 terabytes.
Richard Bejtlich, the chief security officer at Mandiant, said the company decided to make its report public in part to help send a message to both the Chinese and U.S. governments.
He said the release of an unclassified report that provides detailed evidence will allow authorities to have an open discussion about what to do.
The White House would not comment on the report expected Wednesday.