China’s Army Is Seen as Tied to Hacking Against U.S. - NYTimes.com
Mark Towfiq stashed this in Security
Stashed in: China!
Chinese army hacking traced by Mandiant. There is a link to the report in the article.
I found this article fascinating. I think it's funny they didn't give the exact google map URL to the site, so I went and found it myself!
I've started to read the report linked to by the article -- it is very meticulous. They include photos and explanations of how they linked this activity to the PLA Unit (which they even had to work hard to link as well, but managed to because of some Google references people had on their resumes before they were removed, presumably by government censors).
There's a whole other level not mentioned in the report. When I worked at SecondVoice, a virtual phone number voip company that allowed international assignment of virtual phone numbers, we found out that a whole bunch of US and US overseas voip traffic was going over some undocumented servers in Shanghai that were completely compromised.  We confronted the founder about it before shutting them down and blocking them, but it was definitely a huge security leak. We suspected the founder was either really incompetent or getting kickbacks. Â
So should this be considered an act of war?
According to current doctrines, there's been no need for "physical", aka steel-on-steel retaliation for anything of the sort.  I think it's been proposed, though, but without much traction. It's not seen as "proportional and justified". Â
There is a lot of language of war that really speaks more to the intent of who is speaking. One country's "act of war" is another's "cross-border incursion". I think certainly the US will have to dedicate resources to defense and countermeasures, as well as diplomatic efforts to curtail these actions (which seem to be a mix of corporate espionage and infrastructure destabilization). Unless, of course, the US could consider it an act of "cyberwar", meaning everything would be limited to cyber actions? It's the idea that this could spill into real war which I think is not justified.
As mentioned (either in the article or the paper itself, they are conflating in my mind), a senior Chinese official was quoted in January as having said that the accusations of Chinese-gov't sponsored cyber attacks were unprofessional as there was no concrete evidence.
I think this report changes that.Â
Adam, here's a great response to your question:Â We're Not In A Cyberwar With China, And Here's Why by @antoneg http://readwrite.com/2013/02/22/no-cyberwar-with-china
4:09 AM Feb 19 2013