Chinese military hacker unit cleaning up its tracks
When the computer forensic and incident response firm Mandiant publicly released their report on the Chinese military hacking unit dubbed APT1, they predicted that the group will be changing their attack techniques and their general behavior.
The forecast has proven correct, as the leaders of the U.S. Senate Armed Service Committee’s subpanel on emerging threats and capabilities had the opportunity to hear on Tuesday.
Mandiant CSO Richard Bejtlich testified before the committee that not only have they initially changed their attack infrastructure in order to trick researchers, but have also mostly stopped with the attacks for the time being, and have engaged in a cleaning operation aimed at deleting or changing some of their online presence in order to cover their tracks.
Kevin Mandia, the company’s founder and CEO says that the hackers working in the unit will now likely be redistributed to other similar units within – or working for – the People’s Liberation Army. According to their researchers, there are currently more than 20 APT groups with origins in China.
Bejtlich said that Chinese hackers are primarily interested in stealing American intellectual property and trade secrets, which they believe are the key to China’s continuous economic growth, The Hill’s Jennifer Martinez reports.
He also pointed out that small- and medium-sized companies are ideal targets, as they often don’t have the monetary means or technological resources to protect themselves from this type of attacks.