Chinese military hacker unit cleaning up its tracks
Posted on 20 March 2013.
When the computer forensic and incident response firm Mandiant publicly released its report on the Chinese military hacking unit dubbed APT1, it predicted that the group would change its attack techniques and general behavior.

The forecast has proven correct, as the leaders of the U.S. Senate Armed Services Committee's subpanel on emerging threats and capabilities had the opportunity to hear on Tuesday.

Mandiant CSO Richard Bejtlich testified before the committee that the group not only initially changed its attack infrastructure in order to trick researchers, but has also mostly stopped its attacks for the time being and has engaged in a cleaning operation aimed at deleting or changing some of its online presence in order to cover its tracks.

Kevin Mandia, the company's founder and CEO, says that the hackers working in the unit will now likely be redistributed to other similar units within, or working for, the People's Liberation Army. According to the company's researchers, there are currently more than 20 APT groups with origins in China.

Bejtlich said that Chinese hackers are primarily interested in stealing American intellectual property and trade secrets, which they believe are the key to China's continuous economic growth, The Hill's Jennifer Martinez reports.

He also pointed out that small- and medium-sized companies are ideal targets, as they often don't have the monetary means or technological resources to protect themselves from this type of attack.

