China slams cyberattack accusations over lack of proof

February 19th, 2013 by admin Leave a reply »

China is refuting a report that names its military as the source of recent cyberattacks against the U.S.

A report released this week by U.S. security firm Mandiant linked the People’s Liberation Army to a large number of cyberattacksagainst U.S. corporations, government agencies, and other organizations. The report specifically pointed the finger at Chinese military Unit 61398, noting that digital forensic evidence led investigators to the building housing that unit.

China’s response?

As expected, the government has criticized the report, citing a lack of hard evidence. In a press conference held by China’s Department of Defense News Affairs, Defense Ministry representative Geng Yansheng challenged Mandiant’s findings.

Yansheng claimed the report relied on the use of IP addresses to trace the attacks to China. But such addresses are commonly stolen and used by hackers, he noted. Therefore, it’s difficult to know the exact source of a hacking attempt.

“Everyone knows that the use of usurped IP addresses to carry out hacking attacks happens on an almost daily basis,” he said, according to Reuters.

Yansheng also asserted that there is no standard international definition of what constitutes a cyberattack.

“There is no legal evidence behind the report subjectively inducing that the everyday gathering of online (information) is online spying,” he said, Reuters added.

Finally, Yansheng called it irresponsible for Mandiant to publish such a report since cyberattacks are conducted anonymously, leaving uncertainty as to their source.

Turning the tables to portray China as the victim, Yansheng also said his country is one of the main targets of cyberattacks.

A Google translated version of the press release has Yansheng saying, “According to statistics, the Chinese armed forces access to the Internet user terminal suffered a large number of foreign attacks[. A]ccording to the IP address of the display…a considerable number of attack sources [were] from the United States, but we did not…accuse the U.S. side.”

Yansheng also reiterated the claim that China forbids hacker attacks and that the government has always cracked down on such criminal activities.

Despite China’s protestations, the United States remains concerned over the reported cyberattacks. The U.S. government is “eyeing fines, penalties, and other trade restrictions” against the country, according to the Associated Press, even as it pursues more diplomatic channels.

“We have repeatedly raised our concerns at the highest levels about cybertheft with senior Chinese officials, including in the military, and we will continue to do so,” Caitlin Hayden, spokeswoman for the White House’s National Security Council, said in a statement. “The United States and China are among the world’s largest cyberactors, and it is vital that we continue a sustained, meaningful dialogue and work together to develop an understanding of acceptable behavior in cyberspace.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Leave a Reply