The American cyber security firm Mandiant, which worked with the New York Times to expose and counter a China-based hacking campaign, has released an extensive report that it says ties years of cyber attacks on U.S. corporations back to the Chinese military.
Mandiant says it can even narrow down the hackers to a specific military unit in the Chinese army, Unit 61398, and a specific location in Shanghai.
As part of its report, Mandiant released a video that purports to show one of the Chinese hackers in the act of attacking real, unsuspecting “English language” targets. The video says it tracks “actual attacker sessions and intrusion activities conducted by one specific Advanced Persistent Threat (APT) group, which Mandiant has named APT1.” In other words, APT1 is Mandiant’s name for the Chinese hackers.
The video, embedded above, moves quickly and is highly technical. It includes comments along the lines of “Here an APT1 actor uses a web C2 head web command and control server” and “now the APT1 actor is verifying that stolen credentials will work on a Microsoft Exchange email server.” Still, it’s hard to miss the big picture: the hacker behind that keyboard is trying a lot of tricks, both sophisticated and simple, to break into other people’s computers.