An official, shadowy Chinese hacker group is reportedly responsible for more than 100 high-level attacks against major corporations and governments. The group, known as “Advanced Persistent Threat 1” (APT1), was outed today in a 60-page report by security firm Mandiant, which has been tracking the army unit for six years.
The company also released a technical, step-by-step video (below) of how one of the hackers steals information. “The sheer scale and duration of sustained attacks against such a wide set of industries from a singularly identified group based in China leaves little doubt about the organization behind APT1,” concludes the report.
Even if most readers aren’t familiar with the highly technical language of the video, it’s fascinating to watch this alleged hacker sign up for a Gmail account and begin hunting for vulnerable targets. At the 1:00 mark, Mandiant shows the hacker using a common technique known as “spear phishing”: sending innocuous-looking emails to lure victims into handing over sensitive information or unwittingly downloading malicious software.
First released to the New York Times, the report traces the hidden army unit to a single building on the outskirts of Shanghai. From within the white, 12-story office tower, the group reportedly targets the United States’ critical infrastructure (power grid, lines, waterworks, etc.) and large U.S. businesses.
“Mandiant has watched the group as it has stolen technology blueprints, manufacturing processes, clinical trial results, pricing documents, negotiation strategies and other proprietary information from more than 100 of its clients, mostly in the United States,” reports the Times. “Mandiant identified attacks on 20 industries, from military contractors to chemical plants, mining companies and satellite and telecommunications corporations.”
One attack, which coincided with Coca-Cola’s failed $2.4 billion acquisition of the China Huiyuan Juice Group, stole terabytes of data after one executive fell victim to a spear phishing email. The Chinese group was “busy rummaging through their computers in an apparent effort to learn more about Coca-Cola’s negotiation strategy.”
While Chinese officials vehemently deny the existence of the group, even President Obama has publicly acknowledged state-backed attacks. “We know foreign countries and companies swipe our corporate secrets,” he said during the State of the Union. “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air-traffic control systems. We cannot look back years from now and wonder why we did nothing.”