Private US firms take major role vs. cyberattacks

Source: AP-Excite

By ANNE FLAHERTY

WASHINGTON (AP) - When Kevin Mandia, a retired military cybercrime investigator, decided to expose China as a primary threat to U.S. computer networks, he didn't have to consult with American diplomats in Beijing or declassify tactics to safely reveal government secrets.

He pulled together a 76-page report based on seven years of his company's work and produced the most detailed public account yet of how, he says, the Chinese government has been rummaging through the networks of major U.S. companies.

It wasn't news to Mandia's commercial competitors, or the federal government, that systematic attacks could be traced back to a nondescript office building outside Shanghai that he believes was run by the Chinese army. What was remarkable was that the extraordinary details - code names of hackers, one's affection for Harry Potter and how they stole sensitive trade secrets and passwords - came from a private security company without the official backing of the U.S. military or intelligence agencies that are responsible for protecting the nation from a cyberattack.

The report, embraced by stakeholders in both government and industry, represented a notable alignment of interests in Washington: The Obama administration has pressed for new evidence of Chinese hacking that it can leverage in diplomatic talks - without revealing secrets about its own hacking investigations - and Mandiant makes headlines with its sensational revelations.

FULL story at link.


Read more: http://apnews.excite.com/article/20130221/DA4J62DO0.html

---

Mandiant founder and CEO Kevin Mandia is seen in his office in Alexandria, Va., Wednesday, Feb. 20, 2013. Mandiant, started in 2004 by Mandia, a private technology security firm described in extraordinary detail efforts it blamed on a Chinese military unit to hack into 141 businesses, mostly inside the U.S., and steal commercial secrets. China denies the claim. (AP Photo/Jacquelyn Martin)