Mandiant Highlights Broad Range of Information Stolen from Victims
IT security provider Mandiant lists six categories of information that's commonly pilfered from business and government computers by hackers from a Chinese military unit it dubs APT1.
Mandiant's findings appear in a comprehensive report issued Feb. 18 that the security firm contends documents how APT1 has breached computers in enterprises that conduct business mostly in English, especially in the United States [see map below]. China denies the allegations presented in the report.
According to Mandiant, the data stolen relate to:
Mandiant says it's often difficult to estimate how much data APT1 has stolen during its intrusions because the People's Liberation Army unit deletes the compressed archives after it pilfer them, leaving only trace evidence that is usually overwritten during normal business activities.
IT security provider Mandiant lists six categories of information that's commonly pilfered from business and government computers by hackers from a Chinese military unit it dubs APT1.
Mandiant's findings appear in a comprehensive report issued Feb. 18 that the security firm contends documents how APT1 has breached computers in enterprises that conduct business mostly in English, especially in the United States [see map below]. China denies the allegations presented in the report.
According to Mandiant, the data stolen relate to:
- Product development and use, including information on test results, system designs, product manuals, parts lists and simulation technologies;
- Manufacturing procedures, such as descriptions of proprietary processes, standards and waste management processes;
- Business plans, such as information on contract negotiation positions and product pricing, legal events, mergers, joint ventures and acquisitions;
- Policy positions and analysis, such as white papers, and agendas and minutes from meetings involving high-ranking personnel;
- E-mails of high-ranking employees;
- User credentials and network architecture information.
Mandiant says it's often difficult to estimate how much data APT1 has stolen during its intrusions because the People's Liberation Army unit deletes the compressed archives after it pilfer them, leaving only trace evidence that is usually overwritten during normal business activities.
No comments:
Post a Comment