/ 20 February 2013

US hacking accusations are flawed, says China

Us Hacking Accusations Are Flawed, Says China

Claims by Mandiant, a US computer security company, that a secretive Chinese military unit is posssibly behind a series of hacking attacks are scientifically flawed and hence unreliable, China's Defence Ministry said on Wednesday.

The statement came after the White House said overnight that the Obama administration has repeatedly taken up its concerns about cybertheft at the highest levels of the Chinese government, including with Chinese military officials.

Mandiant identified the People's Liberation Army's Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries.

The Chinese defence ministry, which has already denied the charges, went further in a new statement, slamming Mandiant for relying on spurious data.

"The report, in only relying on linking IP address to reach a conclusion the hacking attacks originated from China, lacks technical proof," the ministry said in a statement on its website.

"Everyone knows that the use of usurped IP addresses to carry out hacking attacks happens on an almost daily basis," it added.

"Second, there is still no internationally clear, unified definition of what consists of a 'hacking attack'. There is no legal evidence behind the report subjectively inducing that the everyday gathering of online [information] is online spying."

Stolen 'terabytes of data'
As hacking is a cross-border, anonymous and deceptive phenomenon, by its very nature it is hard to work out exactly where hacks originated, the statement said.

Unit 61398 is located in Shanghai's Pudong district, China's financial and banking hub, and is staffed by perhaps thousands of people proficient in English as well as computer programming and network operations, Mandiant said in its report.

The unit had stolen "hundreds of terabytes of data from at least 141 organisations across a diverse set of industries beginning as early as 2006", it said.

Most of the victims were located in the United States, with smaller numbers in Canada and Britain. The information stolen ranged from details on mergers and acquisitions to the emails of senior employees, the company said.

But the Chinese defence ministry said China's own figures show that a "considerable" number of hacking attacks it is subjected to come from the United States.

"But we don't use this as a reason to criticise the United States," the ministry said.

China has worked with the international community to fight hacking and was determined to continue doing so, it added.

"Public criticism in the media from one side not only does not help matters but will also damage the atmosphere for cooperation." – Reuters