Made In China – A Hacker's Haven


In case you missed it, the cybersecurity firm Mandiant just released a bombshell report (pdf) on how nearly 150 sophisticated hacking attempts against American corporations and government agencies over the past decade almost certainly originated from a single Shanghai office building controlled by the People’s Liberation Army (PLA). The hacking group, dubbed APT1 in the report, launches its attacks from roughly the same address in the city’s Pudong New Area as the one used by the PLA’s Unit 61398, a probable cyberwar division.

The BIG 3... We are not talking about Chevy, GMC and Ford.

1. Jack Wang, a.k.a. Wang Dong, a.k.a. UglyGorilla: In 2007, UglyGorilla authored the first known sample of a widely used family of Chinese malware and brazenly left his signature in the code: “v1.0 No Doubt to Hack You, Writed by UglyGorilla, 06/29/2007.”
2. DOTA, a.k.a. Rodney, a.k.a. Raith: DOTA may have taken his or her name from the video game “Defense of the Ancients,” commonly abbreviated DotA.
3. Mei Qiang, a.k.a. SuperHard: They believe he (or she; it’s hard to know) used the email address, which, based on Chinese habit, suggests that the user is named Mei Qiang and born in 1982. They also traced SuperHard to Shanghai’s Pudong New Area—information that should give US security experts plenty of leads, assuming the hacker hasn’t been fired yet.

If the Mandiant report is accurate, the three hackers work for an organization called APT1, which is really a unit of China’s People’s Liberation Army (PLA) called Unit 61398. (Another possibility is that APT1 is an outside hacker group directed by the Chinese Army unit.)

Either way, Mandiant claims to have traced massive hack attacks involving terabytes of stolen data back to an unfashionable district of Shanghai where PLA Unit 61398 operates from a shabby, heavily fortified 12-story building.

That building, according to top-notch guesswork by Mandiant, employs not just UglyGorilla, SuperHard and Raith, but hundreds or thousands of other English-speaking computer, security and hacking experts whose full-time job is to break into the networks of foreign companies, US defense contractors and foreign government agencies in order to steal whatever they can and use it for whatever purposes help the rise of China as an economic and military power.

Presumably, stolen trade secrets are handed over to Chinese companies to give them an advantage over their foreign rivals.

For example, when Google was hacked by the Chinese government nearly four years ago, presumably the “trade secrets” alleged by Google to have been compromised in the attack were handed over to the Chinese alternative to Google Search, called Baidu.

The Chinese government is “the most sophisticated and prolific” hacker of foreign companies, and China’s aggressive policy of stealing information from foreign businesses will leave the United States “disadvantaged economically” because of the American sense of “fair play.”

So welcome to the new digital age. Cyber warfare, industrial espionage and state-sponsored hacking are suddenly just business as usual.


