Examining Mandiant’s attribution of APT1
The formation and organization of China’s cyber-espionage undertakings pose an essential threat to the United States’ general security and military operations. China has, over time, been able to obtain critical information and military technology illegally. United States universities, research institutions, and the Defense Department have gradually fallen short of expectations in securing their computer network systems. This theft by China has frustrated various American institutions, as is evident from the losses of billions per year in the nation (Buchan & Navarrete, 2020, p. 7-13).
This emotive concern makes American institutions and state organizations, specifically the military, vulnerable to theft of their products or access to their systems. The concern, and the whole prospect of illegal entry into military systems by China, is unthinkable given the consequences of having such information in unauthorized hands. The United States must initiate efforts by private firms and research industries to treat this threat with the utmost concern and institute cybersecurity rules and policy. This is to ensure multiple and adequate cybersecurity protections.
Where the state is financing research and development, it is only prudent that the financing include assurance that the information will be effectively guarded from theft and illegal interference. I am firmly convinced that this cybersecurity model approach will identify the value of a defense-in-depth perspective and eradicate any conception that a lone solution can avert the Chinese from obtaining precious intellectual property from the American Defense Department.
To understand the formation of the Chinese hacking system, analysis of its operation is of the utmost importance. The People’s Liberation Army (PLA) is a body of overall intelligence in China, and it carries out the nation’s cyber-espionage functions. Importantly, the PLA selects Chinese citizens going to the United States to facilitate its intelligence demands and promote vital and swift access to information. Essentially, the PLA is a government initiative with a top mandate to acquire intelligence information for Chinese institutions (“Confronting China’s efforts to steal defense information,” n.d.).
In or about 2013, the prominent American cybersecurity group Mandiant discovered a hacking group of Chinese origin. The Chinese organization had illegally obtained huge amounts of data, notably the models of the “F-35 Joint Strike Fighter”. Upon scrutiny, Mandiant gained extensive information about Unit 61398, its operations, and the fields it had greatly affected by hacking and stealing data and useful information. The Mandiant scrutiny provided vital information on the group’s location, the nature of its operation, and its leadership structure. It is worth noting that stealing such information continuously for a period of seven years leads to losses of billions for United States institutions (APT1: Exposing one of China’s cyber espionage units, 2013, p. 30-76). The group had advanced by acquiring English speaking machines for its operation and recruiting engineering university students as formal employees.
The actions of the prolific APT1 led to the stealing of hundreds of terabytes of data from Americans and configuring their locations worldwide. Mandiant’s discovery was vital, and it caught the eyes of the worldwide media, hence exposing the heist. The information got credible acknowledgment from the public and government institutions. The United States government condemned the Chinese-sponsored operations of APT1 and held them liable for the loss and damage regarding the stolen data. The Department of Justice prosecuted five APT1 unit members for the damage to various American institutions’ intellectual property.
The Mandiant attribution indicated reasons why cyber-espionage has been complex to avert and proposed solutions, with which, in my prudent understanding, I concur. The report deduces that some protocols are globally accepted and founded in a way that determines how information is sent and received. This means that any device linked to the internet has a specific designator, commonly termed an IP (internet protocol) address. This address shows the starting and ending point of all information in the circumstance. The Chinese Government did not restrict such operations, indicating a benefit to the government revenue. Critics condemned China for not making efforts to protect other states’ sovereignty, further stating that such theft affected the economy of other countries.
In my own rational opinion, the Mandiant attributions are acknowledged and supported because the findings indicated the United States’ purpose to accept private research institutions’ intervention to assist in protection against cybercrimes, importantly authorizing the American defense to obtain private networks. Homeland Security was integrated into the operations of the Defense, for the reason that Homeland Security joins its actions with state and federal agencies to facilitate the quick assessment of vulnerability in the defense information systems (Aydin & Pusatli, 2015, p. 269-385). This step is commendable in the cybersecurity strategy since Homeland Security is well versed and specialized. Further, the state of cybersecurity in 2013 was deplorably insufficient; complaints from the private sector about the need for amendments were sufficient evidence.
Mandiant’s attributions indicated the aspect of “Hack Back.” The organization took such a step to investigate and expose the APT1 operations since it was fed up with the usage of intellectual property without the authority of the Americans. Although hacking back carries a certain degree of danger and extreme controversy, it is only right to retain what rightly belongs to a person, predominantly intellectual property. This is what constrained Mandiant to hack into the Chinese systems. Because the Defense Department is not going to be allowed to institute operations in the private sector to give cybersecurity protection, the option is to create a hack back; this is only attainable if private sectors are given limited and prescribed authority to hack and strictly take back what belongs to them. Conversely, this process has to be guided by a policy to protect the interests of both parties.
An expensive cybersecurity system does not directly offer a solution to data theft, but if it is implemented with efficient use and training, then a solution can be attained. It is important to deduce that Chinese cyber espionage attempts to permit theft of the defense intellectual property at an alarming rate. This shows a real struggle in the future to protect against such actions. I firmly believe that the United States is at liberty to permit the Defense Department to govern and monitor private institutions associated with the defense. In summary, overseeing the Department of Defense operations in any foreseeable transaction is critical to attaining the Mandiant objectives.
References
APT1: Exposing one of China’s cyber espionage units. (2013).
Aydin, F., & Pusatli, O. T. (2015). Cyber attacks and preliminary steps in cyber security in national protection. Advances in Digital Crime, Forensics, and Cyber Terrorism, 269-285. https://doi.org/10.4018/978-1-4666-8456-0.ch010
Buchan, R., & Navarrete, I. (2020). Cyber espionage. International Law. https://doi.org/10.1093/obo/9780199796953-0212
Confronting China’s efforts to steal defense information. (n.d.). Belfer Center for Science and International Affairs. https://www.belfercenter.org/publication/confronting-chinas-efforts-steal-defense-information