Chinese Hackers Renew Attacks on U.S. Financial Firms

Hackers backed by China's military appear to have resumed a campaign of cyberattacks on U.S. businesses, the New York Times is reporting.

The hackers had halted their attacks after being unmasked in February, but have since begun to swipe secrets from many of the same victims they targeted previously, according to the publication, which cited information from digital security firm Mandiant.

Mandiant declined to identify targets in the latest attacks, according to the Times. A Mandiant spokeswoman did not respond immediately to a request for comment.

Since 2006, the group, dubbed APT1, has allegedly swiped business plans, technology blueprints, network user credentials and other information from hundreds of U.S. companies, including financial firms.

Kevin Mandia, Mandiant's founder and chief executive, recently told a Senate panel that APT1 hackers "initiate attacks by researching specific individuals online in order to send a seemingly legitimate email, but the fake or spoofed email would contain malware embedded in an attachment that appeared innocuous."

"We frequently see attackers compromise smaller companies with fewer security resources, and then 'upgrade' their access from those trusted, smaller companies to the main target," he said.

The hackers, who are said to operate from a Chinese military outpost in Shanghai, are now operating at between 60% and 70% of the level they had worked at previously, according to the Times, citing a study the publication requested from Mandiant.

The resumption of attacks follows charges recently by the Pentagon that the Chinese military has been hacking into U.S. computer networks and stealing secrets that relate to national security. "Mark my words, it's going to get worse," General Keith Alexander, who directs the National Security Agency and U.S. Cyber Command, told a Reuters cybersecurity summit last week.

The Chinese government has denied the allegations.

The attacks also have spurred a push by Congress to curb cyber theft. A bipartisan group of senators led by Armed Services Committee Chairman Carl Levin, D-Mich., recently introduced a bill that would require the Director of National Intelligence to compile an annual list of countries that engage in economic or industrial cyber espionage against U.S. firms.

The bill would authorize the President to block imports that contain technology allegedly stolen from U.S. firms and items made by a manufacturer that intelligence agencies say has benefitted from such theft.

For reprint and licensing requests for this article, click here.
Practice management Technology
MORE FROM FINANCIAL PLANNING