Posted by: Dan O'Connor
Now today the response from the US Government. I was not sure what to expect in a response or if there was even going to be one. Up until now silence has been the go to strategy.
At one point I remember reading that the Pentagon’s plan was to respond to cyber attacks as if they were kinetic. What do you classify these breaches against US companies? Does espionage cross the red line?
I think the US response is well measured, I don’t know if it will have any effect on the attacks or if they will stick to the it is not us line.
I found a little more information regarding Unit 61398 from the CBC. The last part about the usage of facebook and twitter is what really caught my eye.
Revealing tweets: And what helped Mandiant track down the source of hacking into more than 140 companies and organizations from the U.S. and elsewhere? Facebook and Twitter.
China’s “Great Firewall” of internet filtering blocks those U.S.-based social networks, but Unit 61398 operators got around that by accessing them directly from the unit’s system. Mandiant was able to see that Facebook and Twitter accounts were being accessed from internet protocol addresses connected to the unit. It’s not clear whether those accounts aided in hacking or were simply for the hackers’ personal use.
“These actors have made poor operational security choices, facilitating our research and allowing us to track their activities,” the report says.