Tuesday, May 20, 2014

Justice Department, U.S. declare the obvious.


It certainly took some consideration and a long, hard look at the evidence in a report that sat for a year, but the Justice Department has formally issued charges against China for cyber-spying. Secondarily, the stolen information was used as a means of copyright infringement and fed the flow of illegal and cheap goods into the U.S.

Over a year ago, Northern Virginia cybersecurity group Mandiant released its report with a sense of personal outrage. Stating that this particular group from the People's Liberation Army, operating out of an innocuous-looking building in Shanghai, was directly responsible, it challenged the U.S. Government to act upon this Advanced Persistent Threat (APT).

In addition to the report, Mandiant is releasing more than 3,000 APT1 indicators to expose and degrade APT1’s infrastructure and allow organizations to bolster their defenses against APT1’s arsenal of digital weapons. The indicators released in conjunction with the report include domain names, MD5 hashes of malware and X.509 encryption certificates.

Here are the domain names and IP addresses, all routed to this location. After gaining consensus throughout the information security community, it looks like the White House is finally ready to act, and through Attorney General Eric Holder, our salvo has been launched: this shall not stand.

The net reaction has been swift denial on China's part. The threat landscape will continue to be speckled with malware and perhaps bolder attacks on enterprise infrastructure. A simple spear-phishing campaign can create a backdoor into a company that is not safeguarded against it.

After the DOJ’s announcement, China immediately pulled out of a bilateral cyber working group and lodged a formal protest urging the U.S. to withdraw the charges.
A more aggressive response could be on the way, experts say, perhaps in the form of new cyberattacks.
“I think we’re going to see retaliation from the patriotic hackers in China,” said Richard Bejtlich, a security strategist with the cybersecurity company FireEye and nonresident senior fellow at the Brookings Institution.

The best advice is to stay vigilant, run an active security program comprising antivirus and anti-malware, drop in some security awareness training, and read the news. Ultimately it is a war over commerce. China does not want to engage in a holy war for territory; they have enough of that. It is about economics and being #1 in world trade. The more you pay them for cheap goods, the more you undermine the United States.
