Cybersecurity Firm Says It Is Under Attack

Eamon Javers | @EamonJavers

Published 2:34 PM ET Wed, 20 March 2013 Updated 3:41 PM ET Wed, 20 March 2013 CNBC.com

Photographer | Collection | Getty Images

Mandiant, the cybersecurity firm that in February released a ground-breaking report detailing the suspected activities of a Chinese military hacking unit, told CNBC on Wednesday it is suffering the consequences of going public.

The firm said it saw "very aggressive reconnaissance" of its online systems after it published the report, which focused on a Shanghai-based Chinese Army unit known as the 2nd Bureau of the People's Liberation Army (PLA) General Staff Department's 3rd Department.

And over the past 10 days, the firm's chief security officer said, Mandiant has found itself under a sustained distributed denial of service attack from computers based in China. "The attack has been sustained, and it's been directed out of China for the most part," said Richard Bejtlich, Mandiant's chief security officer.

However, he cautioned that Mandiant cannot say for sure who is behind the attack—or whether it even comes from the Chinese army unit singled out in its report.

Cyberattacks: Act of War? 1:39 PM ET Wed, 20 March 2013

"It could be a patriotic Chinese hacker, or it could be someone who doesn't like Mandiant very much who took over Chinese servers to attack us," Bejtlich said. "It's not sufficient for us to do attribution."

Mandiant's disclosure of a cyber counterattack comes even as U.S. Treasury Secretary Jack Lew is in Beijing meeting with Chinese government leaders. U.S. government officials said persistent hacking is one topic Lew is raising with the Chinese government officials he meets with this week.

Bejtlich said Mandiant has been able to detect changes in the behavior of the Chinese military unit it focused on since its report became public.

"They were caught off guard by this," he said. "I don't think they expected a private company to put this information out there."

He said Mandiant does not know what's caused the reduction in activity by the Chinese hacking unit, but it may be that they are pausing to assess how they were exposed and what to do about it. "I wonder if their commanders are saying, 'what do we need to do to fix our operations,'" Bejtlich said.

Bejtlich said Mandiant expected a response to its report and that so far the firm's cyberdefenses are holding up to the attack and no information has been compromised.

In the past, Chinese government officials have denied involvement in a systematic cyberespionage campaign against the United States.

-By CNBC's Eamon Javers; Follow him on Twitter: @eamonjavers

the latest Flash player

Playing

Watch Next...

var mps=mps||{}; mps._queue=mps._queue||{}; mps._queue.gptloaded=mps._queue.gptloaded||[]; mps._queue.gptloaded.push(function() { (mps && mps.insertAd && mps.insertAd('#dart_wrapper_badgec', 'badgec')); }); Hacking America

Cybersecurity Firm Says It Is Under Attack

Hacking America