China is Cyber Guilty

By Paul Rosenzweig
Tuesday, February 19, 2013, 11:50 AM

Apropos of our discussion last week about "Taming the Cyber Dragon" today's New York Times has an extensive report on how China's army is directly linked to hacking inside the United States.  For those who want the unvarnished underlying analysis, the report from Mandiant (full disclosure: I have done a little bit of work for Mandiant as a private consultant) is a stunning read.  Entitled "APT1: Exposing One of China's Espionage Units" the report quite decisively attributes many of the most persistent cyber intrusions in America to Unit 61398, affiliated with the People's Liberation Army.  As I noted earlier, China's denials of responsibility are now the barest figleaf (the embassy says that Mandiant's allegations are "unprofessional") covering their malfeasance.

About the only thing that's wrong with this report is our response.  According to the Times, despite the mounting evidence the Administration is reluctant to explicitly name Unit 61398 or to identify the Chinese army as complicit in the intrusions.  Instead "Obama administration officials say they are planning to tell China’s new leaders in coming weeks that the volume and sophistication of the attacks have become so intense that they threaten the fundamental relationship between Washington and Beijing."  I guess they've taken the Washington Post's advice to speak more firmly to China.  Color me skeptical.