Rich Bejtlich said the roughly two-dozen groups the firm tracks closely – some of which have links to the Chinese government and military – have been “very busy.” Bejtlich said, has been a noticeable drop in cyber attacks from Unit 61398, a group within the People’s Liberation Army that Mandiant has accused of attempting to hack nearly 150 victims over seven years. Bejtlich’s remarks come a day after Verizon Communications Inc. released a report on cybersecurity in cooperation with 19 other organizations analyzing 47,000 security incidences in 2012 and 621 confirmed data breaches.
She said that China was building a working group on cybersecurity with the U.S. to strengthen cooperation, trust, and constructive dialogue, adding that China hopes both countries will gain a better understanding of explicit breaches and strengthen cybersecurity.
Some have also specifically criticized the Mandiant report, saying it didn’t include thorough analysis of alternative explanations for the cyberattacks it documented, while others have noted that all computer-security companies have an interest in emphasizing threats.
Fang Fenghui, chief of staff of the People’s Liberation Army, said cyberattacks could be “as serious as a nuclear bomb” while simultaneously denying that the PLA was behind cybersyping aimed at U.S. companies.
Nonetheless U.S. officials have remained skeptical that dialogue will slow the pace of attacks from China aimed at U.S. companies, as acquiring trade secrets and intellectual property from U.S. companies is a part of its efforts to beef up weaker industries and those deemed key to national security.
“We’re at this log jam where there’s overwhelming evidence on the classified and unclassified sides that says the Chinese are doing this, and that there are military units [involved], but the Chinese deny it,” Mr. Dempsey said he had not discussed with Chinese officials any specific measures the U.S. might take in response to cyberattacks or what any potential cybersecurity code of conduct might involve. “Cyber continues to evolve whether we would like it to or not,” he said, adding that both sides were still in a phase of trying to understand the problems that needed to be solved.
Link: http://blogs.wsj.com/chinarealtime/2013/04/24/mandiant-no-drop-in-chinese-hacking-despite-talk/