Global cybersecurity firm FireEye has refuted claims that its US-based subsidiary Mandiant broke into the laptops of Chinese military hackers. In his new book titled “The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age”, the New York Times reporter and author David E Sanger has chronicled numerous examples of the impact of cyber activities on geopolitical conditions, including the infamous Chinese hacking group APT1. The scale and scope of the Chinese Army’s economic and industrial espionage, which targeted organisations for commercial gain and included APT1, was uncovered by Mandiant after a multi-year investigation.
“In our APT1 report, we provided attribution for cyber espionage conducted by the Chinese PLA Unit 61398. As part of the APT1 report’s initial release, we coordinated with Sanger, giving him access to the methods we used to gather evidence of the attribution of APT1 to PLA unit 61398,” FireEye said in a blog post late Monday. “Sanger’s description of how Mandiant obtained some of the evidence underlying APT1 has resulted in a serious mischaracterization of our investigative efforts,” the cyber security firm said.
“Specifically, Sanger suggests our investigators reached back through the network to activate the cameras on the hackers’ own laptops. We did not do this, nor have we ever done this. To state this unequivocally, Mandiant did not employ ‘hack back’ techniques as part of our investigation of APT1, does not ‘hack back’ in our incident response practice, and does not endorse the practice of ‘hacking back’,” FireEye added. Mandiant’s APT1 work is seen as a turning point among private cybersecurity reports.
“The company attributed over a hundred hacking attacks to a specific Chinese military unit, and publicly called that unit out for its operations,” Motherboard reported. The company said it does not fight hackers by hacking but by diligently and legally pursuing attribution with rigour and discipline. “APT1 was the result of Mandiant doing our part to expose risks and share information to help organisations better protect themselves, and we will continue to do our part – without hacking back,” FireEye said.