Several reports have said that recent cyber attacks against Apple, Facebook, Twitter, and other tech giants have originated out of China, but a new report from Bloomberg asserts that these attacks are actually being conducted out of Eastern Europe.
Facebook announced on February 15th that it had been the subject of an outside attack on individual computers in its network, an attack based on a Java security breach. Apple told Reuters on Tuesday that it had also been the subject of such an attack, and the company released an update to the Apple-supplied Java runtime install to address the issue.
China has often been the accused perpetrator of attacks on U.S. companies. The New York Times, for instance, was the target of attacks from China whose intent appeared to be to get account names and passwords of employees. The Washington Post has also accused China of launching attacks against its network, though it called the efforts unsuccessful. In years past, Google was targeted by China as that country's security apparatus sought access to Gmail accounts owned by Chinese dissidents.
On Tuesday, CBS News, ABC News (on TV), and other outlets covered a report from U.S. security firm Mandiant that details systematic attacks from China, or more specifically from "a tall building on the outskirts of Shanghai, with satellite dishes on the top and a secure perimeter, which houses Unit 61398 of the People's Liberation Army."
Reports about this Unit 61398 of the People's Liberation Army are not new, and when the news of Facebook's attack, an attack on Twitter, and initially, the attack on Apple broke, news outlets were quick to name China as the source, or at least note that China been there and done that, as the kids (used to) say.
Enter Bloomberg, with a report published Tuesday evening that pins blame for the attacks not on the Chinese military, but rather on organized crime in "Eastern Europe." That's often a euphemism for "Russia," but in this case at least one server used in the attacks is hosted in the Ukraine, so think: former Soviet Union.
Citing unspecified investigators, Bloomberg made the case that the Apple, Facebook, Twitter and other tech giant attacks were more in keeping with the methods used by organized crime (in Russia). This included both the software used in the attack and the perceived aims.
The attacks on Apple, Facebook, and Twitter appear to have been designed to gain access to technology and other corporate IP that could be sold on the black market. Attacks attributed to China's military have more often been about control of networks, access to email, access to information, variations on a theme of information control.
There appear to be lots of very smart eyes on this. In addition to the tech giants themselves, law enforcement and U.S. security agencies are all working on the issue. Let's hope this attention results in better security going forward.