Public Power Daily Logo

Electrical grid said to be among targets of Chinese hackers


From the February 20, 2013 issue of Public Power Daily

Originally published February 20, 2013

By Jeannine Anderson
Managing Editor

Mandiant, an American computer security company based in Alexandria, Va., released a 60-page study yesterday concluding that China's government is likely behind a series of cyber attacks on dozens of U.S. corporations and government agencies over the past several years.

The New York Times, which first reported the study, said Mandiant identified cyber attacks coming from a 12-story office building on the outskirts of Shanghai that is home to Unit 61398 of the People's Liberation Army. The hacking group, which Mandiant called Advanced Persistent Threat 1, or APT1, "has systematically stolen hundreds of terabytes of data from at least 141 organizations," the computer security firm said.

"What most worries American investigators is that the latest set of attacks believed coming from Unit 61398 focus not just on stealing information, but obtaining the ability to manipulate American critical infrastructure: the power grids and other utilities," the Times reported.

"Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China's cyber threat actors," Mandiant said. APT1 "is believed to be the Second Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) Third Department, which is most commonly known by its Military Unit Cover Designator (MUCD) as Unit 61398," the firm said. 

"The scale and impact of APT1's operations compelled us to write this report," the security firm said. "In an attempt to bolster defenses against APT1 operations, Mandiant is also releasing more than 3,000 indicators as part of the appendix to this report, which can be used with our free tools and our commercial products to search for signs of APT attack activity."

The Chinese Ministry of Defense denied that it is engaged in cyber espionage, The Washington Post reported yesterday. "The Chinese army never supported any hacking activities," the ministry said. "The accusation that the Chinese military engaged in cyber attacks is neither professional nor in accordance with facts."

The study is posted on Mandiant's website.


Ratings

Be the first to rate this item!

Please Sign in to rate this.

Comments

  Add Your Comment

(1000 of 1000 characters remaining)

Senior Vice President, Publishing 
Jeanne Wickline LaBella
202/467-2948
JLaBella@publicpower.org

Editorial Director
Robert Varela
202/467-2947
RVarela@publicpower.org

Editor, Public Power Daily
Jeannine Anderson
202/467-2977
JAnderson@publicpower.org

Communications Assistant
Fallon W. Forbush
202/467-2958
FForbush@publicpower.org

Manager, Integrated Media 
David L. Blaylock
202/467-2946
DBlaylock@publicpower.org

Integrated Media Editor 
Laura D’Alessandro 
202/467-2955 
LDAlessandro@publicpower.org