February 21, 2013
Chinese Media Slam Cyber-Hacking Report
China's state-controlled media are questioning the credibility of a report by a U.S. Internet security group that accuses the Chinese military of carrying out global cyber attacks.
The report by private security contractor Mandiant on Tuesday took unusually direct aim at the Chinese government. Mandiant says it can trace years of attacks on U.S. corporations by a group known as APT1 to a division of the People's Liberation Army.
To support its claims, Mandiant says it traced the IP (Internet Protocol) addresses, or computer identification codes, of many of the APT1 hackers to the Pudong neighborhood in the city of Shanghai, where the army's Unit 61398 is believed to be located.
China's rejection of the potentially embarrassing report has focused on what it says is the unreliability of using IP addresses to determine the location of hackers.
On Thursday, an editorial in the official Xinhua news agency described the report as "amateurish" and "full of loopholes." It argued it is "highly unlikely" Mandiant could determine the origin of specific attacks, since hackers often re-route them through foreign computers.
Jeffrey Carr, CEO of cyber security group Taia Global, is among experts who support that position, saying Mandiant did not provide proof the Chinese government is responsible for the APT1 group.
Carr says in a blog post that there are other explanations for the attacks, even though he is sure Beijing carries out "massive amounts of cyber espionage."
Carr argues that other governments or organized crime groups have both the motivation and the ability to carry out attacks such as those detailed by Mandiant. He also says it is unlikely that state-sponsored Chinese hackers would allow their IP addresses to be tracked.
China's government has not provided an alternative explanation for the attacks. It has also stayed silent about Unit 61398.