The past few days have been interesting. Mandiant released a report outlining incredible details about China’s Unit 61398. Most of the cyber experts with whom I’ve spoken are surprisingly quiet. Either they’re tired of all the reporting that ends up with a whole pile of Congressional inaction or they’re just tired.
A friend of mine asked me about 61398, but the way he asked lead me to believe he was thinking more strategically. I like that… Here is my response.
The objective of 61398 is probably to:
- Gather intelligence about US corporate networks
- Gain and document access to R&D centers
- Gather any and all documentation of a whole long list of technologies
- Emplace sniffers detecting new data and documentation
- Emplace weapons for future use
Strategic purpose. Gain economic advantage over the US and prepare for future economic warfare.
Yes, it’s about long term power. BUT… I’ve heard it from Chinese experts and from the Chinese themselves that they don’t believe China will ever become a superpower. They seek, it seems, to incrementally improve their position. Just between us girls, that’s bullshit. I’ve talked with Chinese officials. They love their country and they believe in its greatness and, especially, its great potential. China does not do things on a small scale. They go big or they don’t go. If you look at Shanghai you will see a city that has literally transformed itself in the past 20 years. Beijing is cool but Shanghai is leaping into the future. I believe China, as a whole, is trying to do the same thing.
Right now, in light of the Mandiant report, I’d say the Chinese are questioning if the juice is worth the squeeze. If cooler minds prevail in China, however, they’re going to change tactics (not strategies) and find a way to be quieter. I’ve warned the Chinese countless times ‘you’re too [fucking] loud, you’re caught too often’.
Kaspersky has been surprisingly quiet about this. Lately they’ve been releasing all the loud reports, now Mandiant has caught the headlines by storm… Expect a glaring expose from Kaspersky in the near future. Oh, and the SecDev Group in Canada, who released the Grey Ghost report? Their stuff is usually very, very good. This is Mandiant’s first home run in the cyber world, their security chief was their leading advocate, now this. Good job, Mandiant!
So… the corporate world has taken the lead in the cybersecurity world, once again. Government works at the speed of… oh, wait, they don’t, and now with the sequestration looming, caused by Congressional politicking – caused by stupidity I’d say, the only people that actually do any work are in the private sector. IR&D, Internal Research and Development, drives the future. Government contracts are not being offered. There is a new business model in town.
- Portrait of accused China cyberspy unit emerges (sfgate.com)
- A look at Mandiant, allegations on China hacking (sfgate.com)
- Is Mandiant a ‘digital Blackwater’? (wfaa.com)
- Shhh, Don’t Tell Anyone! Mandiant Credits Anonymous with Helping Uncover China Hacking (my.firedoglake.com)
- Who are the Chinese military hacker Unit 61398, and what are they trying to accomplish? (theprovince.com)
- China Cyberwarfare Evidence Now Undeniable – Mandiant (blogs.defensenews.com)