The Mandiant report: APT1: Exposing One of China’s Cyber Espionage Units, has stirred up a lot of media attention over the past few weeks. The report was originally released to show evidence that a specific Chinese military unit has been behind many major Advanced Persistent Threats (APTs) within the United States. While the Chinese military have denied the accusations in the report, comprehensive information has been collected for six years showing where Mandiant worked with victims computers to monitor where the attacks where coming from, which pointed back to the Chinese government.
NTD Television broadcasted a program that discussed the implications of the report and what types of future actions we could possibly see emerge because of this. (Mandiant and Chinese Hacking Strategy, 2013). It was acknowledged that while the Mandiant report has no doubt risen public awareness of what APTs are and the seriousness of these types of attacks, it is very difficult to shift mass opinion, which is a slow process.
The Mandiant report may not show evidence of an immediate adjustment of organizational actions resulting in reducing or eliminating APTs, however it is hoped that this will serve as another building block in changing attitudes and preventing similar attacks. There have been media coverage in the past highlighting some of China’s ‘shady’ business practices, including findings published by Muddy Waters in 2011. While at the time it was reported that this had caused Chinese companies harm (Barboza & Azam, 2011), these types of stories in the US media tend to have a short life and are often forgotten quickly. As the NDT program alluded, this report will contribute to the overall challenge of raising awareness of the seriousness of these types of threats, however much will need to be done both in terms of US laws and regulations, and the strategies adopted by the private sector.
References:
- Barboza, D., & Ahmed, A. (2011). Muddy Waters Research Is a Thorn to Some Chinese Companies. (n.d.). DealBook. Retrieved from http://dealbook.nytimes.com/2011/06/09/muddy-waters-research-is-a-thorn-to-some-chinese-companies/
- Mandiant. (2013). APT1 Exposing one of China’s cyber espionage units. Retrieved from http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf
- Mandiant and Chinese Hacking Strategy. (2013). NDT Television. Retrieved from http://ntdtv.org/en/news/china/china-focus/2013-02-25/mandiant-and-china-s-hacking-strategy.html