Public Power Daily Logo

Electrical grid said to be among targets of Chinese hackers

From the February 20, 2013 issue of Public Power Daily

Originally published February 20, 2013

By Jeannine Anderson
Managing Editor

Mandiant, an American computer security company based in Alexandria, Va., released a 60-page study yesterday concluding that China's government is likely behind a series of cyber attacks on dozens of U.S. corporations and government agencies over the past several years.

The New York Times, which first reported the study, said Mandiant identified cyber attacks coming from a 12-story office building on the outskirts of Shanghai that is home to Unit 61398 of the People's Liberation Army. The hacking group, which Mandiant called Advanced Persistent Threat 1, or APT1, "has systematically stolen hundreds of terabytes of data from at least 141 organizations," the computer security firm said.

"What most worries American investigators is that the latest set of attacks believed coming from Unit 61398 focus not just on stealing information, but obtaining the ability to manipulate American critical infrastructure: the power grids and other utilities," the Times reported.

"Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China's cyber threat actors," Mandiant said. APT1 "is believed to be the Second Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) Third Department, which is most commonly known by its Military Unit Cover Designator (MUCD) as Unit 61398," the firm said. 

"The scale and impact of APT1's operations compelled us to write this report," the security firm said. "In an attempt to bolster defenses against APT1 operations, Mandiant is also releasing more than 3,000 indicators as part of the appendix to this report, which can be used with our free tools and our commercial products to search for signs of APT attack activity."

The Chinese Ministry of Defense denied that it is engaged in cyber espionage, The Washington Post reported yesterday. "The Chinese army never supported any hacking activities," the ministry said. "The accusation that the Chinese military engaged in cyber attacks is neither professional nor in accordance with facts."

The study is posted on Mandiant's website.


Be the first to rate this item!

Please Sign in to rate this.


  Add Your Comment

(1000 of 1000 characters remaining)