Saturday, September 16, 2017

Chinese Cyberwarfare


US Mandiant has exposed China's Cyber Espionage Units, abbreviated as APT1.
It's hard to believe that we've reached the end of another year. In the realm of cybersecurity, 2013 was a memorable year not for breaches, but for tectonic-level shifts that completely changed how we perceive cybersecurity and its impact on how we run our businesses, how our leaders govern, and more importantly, how we understand national security. In other words, for those in the C-Suite, technical issues were tangible business problems. This was highlighted by our APT1 report and the growing awareness that cybersecurity threats aren't just irritating, they severely impact an organization's bottom line.

The principal US Mandiant® Intelligence Center™, which specialized in mass media, has released an unprecedented report exposing APT1's multi-year, enterprise-scale computer espionage campaign. APT1 is one of dozens of threat groups Mandiant tracks around the world and we consider it to be one of the most prolific in terms of the sheer quantity of information it has stolen.

The term APT1 refers to one of numerous cyber espionage campaigns, one that has stolen a major quantity of information all over the world. The evidence collected by the security experts links APT1 to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Cover Designator 61398), but what is really impressive is that the operation started as far back as 2006 and has targeted 141 victims across multiple industries. During the attacks the attackers made use of APT1 malware families, and the report reveals APT1's modus operandi (tools, tactics, procedures), including a compilation of videos showing actual APT1 activity.

Mandiant has also identified more than 3,000 indicators to improve defenses against APT1 operations and is releasing a specific document covering them, including APT1 indicators such as domain names, IP addresses, and MD5 hashes of malware. APT1 has systematically stolen hundreds of terabytes of data from victim organizations and has demonstrated the capability and intent to steal from dozens of organizations simultaneously. APT1 is a persistent collector: once it has established access, it periodically revisits the victim’s network over a long period, stealing sensitive information and intellectual property, typically maintaining access to victim networks for an average of 356 days. The longest time period APT1 maintained access to a victim’s network was 1,764 days, or four years and ten months. Mandiant managers have decided to make an exception to the company's traditional non-disclosure policy due to the risks posed by this large-scale cyber espionage campaign and its impact on the global economy; industries in many states are victims of the offensive.

The Media intelligence asserted that "It is time to acknowledge the threat is originating from China, and we wanted to do our part to arm and prepare security professionals to combat the threat effectively. The issue of attribution has always been a missing link in the public’s understanding of the landscape of APT cyber espionage. Without establishing a solid connection to China, there will always be room for observers to dismiss APT actions as uncoordinated, solely criminal in nature, or peripheral to larger national security and global economic concerns. We hope that this report will lead to increased understanding and coordinated action in countering APT network breaches." The cyber war started a long time ago!
