When U.S. politicians argue that the country needs the controversial Cyber Intelligence Security Protection Act (CISPA)—the newly reintroduced bill that privacy activists vehemently oppose—this is what they’re talking about.
A major new report by cybersecurity consultant Mandiant says it’s traced an astounding number of cyber attacks on the U.S. to People’s Liberation Army Unit 61398: a single military building outside Shanghai, China.
Mandiant’s description of these attacks is nearly identical to those that members of Congress use when describing why the country needs drastically improved cybersecurity legislation—and CISPA in particular.
According to the report, an attacker codenamed APT1 [Advanced Persistent Threat], “has conducted a cyber espionage campaign against a broad range of victims,” is “likely government-sponsored,” and “has a well-defined attack methodology.” APT1 has reportedly attacked 141 companies in 20 different industries, searching for, among other things, technology blueprints, business plans, and partnership agreements.
Congressman Mike Rogers (R-Mich.), when reintroducing CISPA into the House Wednesday, alluded to attacks, particularly from China, that seem to fit that bill.
“We are in a cyber war. Most Americans probably don’t know it,” Rogers said at the conference. “And at this point, we’re losing. I have never seen anything so rampant.”
“Every single day they literally have thousands of cyberwarriors or cyberspies looking to steal your intellectual property,” he added.
CISPA, designed to help the government fight such attacks, is founded on the idea of information-sharing between private networks and the U.S. government. If it passes, an American company under cyber attack could easily and quickly share what it knows with federal agencies like the NSA, which is in the process creating its own cyber command center. But privacy advocates have resoundingly condemned the bill as a gross violation of privacy, saying the government shouldn’t have access to citizens’ online content without either a warrant or their permission.
Cementing its agreement with Rogers’s sentiments, Mandiant opened its report with a 2011 quote from the congressman, where he stressed that the cyber attacks weren’t Chinese civilians, but rather a government plan. “China’s economic espionage has reached an intolerable level,” he claimed. It also noted that China’s defense ministry has denied the existence of state-sponsored attacks.
Echoing Rogers, Mandiant said that the fact that it has traced attacks with such near-certainty to a military building meant the attacks were an official Chinese government operation.
“Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China’s cyber threat actors,” the report says. “We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support.”
CISPA coauthor Dutch Ruppersberger (D-Md.), who has clashed with privacy groups over the bill, indicated that APT1 is evidence of why CISPA is necessary.
“#CISPA: Because American businesses are under siege,” he tweeted, linking to a New York Times story on Mandiant’s report.
Photo of Unit 61398 via city8.com