Knowing the truth was one thing; it was quite another to say it out loud: Mandiants report on APT 1.[contfnewc] Quelle: Jason Andrew/JA[contfnewc] [contfnewc] [contfnewc]
They had caught a global power in the act of spying on another global power, the United States of America, their country, on a jaw-dropping level. They had summed up their results in a report, 74 pages long. Their boss seemed determined to publish the report. It would expose the Chinese government in front of the whole world. They would of course deny everything and try to make it look like a big American conspiracy against them. Their relationship with the US was, after all, already very tense.
This meant that Laura Galante and her colleagues, employees of a private enterprise company for computer safety, would get involved in world politics
What a huge responsibility, was all Galante could think.
Kevin Mandia, her boss, was also nervous. With all he knew now, China could easily ruin his company, or harm him and his employees personally. If the Chinese cyber army were to take on his company, they would be so busy to fight them off that there would be no time left for their daily business. Or, even worse, there would be pictures of his undercover investigators all over the Internet. A company for computer safety that isnt able to protect itself would be finished in no time.
But Mandia simply couldnt forget the anger he felt every time China denied unapologetically fighting the US in cyber space. He was a patriot, had left the Air Force because he couldnt stand the rigid hierarchy. What his people had found out didnt leave him any choice, he felt. Of course it was possible that he would harm his own country; but it was also possible that he would do it a great service.
He didnt have to wait too long for an opportunity. On 12 February 2013, a Tuesday, President Obama gave his government declaration in Congress, saying that America was under threat, its national security in danger. He talked about hackers in China and Russia who were after American technologies and companies, those that make the American military the technically leading one in the world.
„We got off lightly in the end“
All of a sudden, the cyber war wasnt just something thats played out in secrecy anymore, watched only by a few nerds. The President of the United States had directed the attention of the American public towards the battle field of the 21st century. He talked publicly about whats at stake, to be seen and heard by everyone, on television, the radio, the Internet.
Perhaps it was a coincidence that Galantes boss was presented with this once in a lifetime opportunity, or perhaps there was something else behind it. Either way, Mandia knew what had to be done. The report that Galante and her colleagues had been working on for weeks, summarising the experience of his cyber warriors from over six years, ended up in the “New York Times”. They decided to make it their cover headline, one week after Obamas speech, with a long feature on a hacker group called APT1, a cyber division of the Chinese military.
Galante and her colleagues had needed a name; the acronym APT stands for “Advanced Persistent Threat”. From then on it also stood for the fact that the US dared to publicly accuse another country of leading a cyber war against them, as clearly as it had never been done before by any state. High ranking members of the government and of the American security services proceded to confirm the facts that Galante and her team had found about Chinas hackers.
Four years later, February 2017. Laura Galante watches from her office in Washington DC how planes take off in short cycles, soaring up into the perfectly blue sky.”Thank God, we got off lightly in the end”, she says. Whilst APT1 did attack her company, they clearly didnt mean to destroy it completely. China has ceased to deny that they attack other countries with cyber weapons, and they have started diplomatic negotiations with the US. These are only words for now, but she can also see that the attacks from China have decreased considerably.
Stil – China is only part of the whole truth.
For quite some time now, Galante has been watching an enemy which worries her, her company and the US-governement much more than the Chinese by now. She is now constantly dealing with Russian hacker groups, called APT 28 or APT 29, Cozy Bear or Fancy Bear. Nothing seems to be able to stop them.
In January 2015 the server of the Department of Defense of the USA was hacked. Months later the White House admitted that Russian hackers had also managed to get access to Obamas emails.
Then the French television channel TV5 Monde failed, there was only a black screen.
[contfnewc] [contfnewc] CYBERWARFARE[contfnewc] Putins shadow warriors[contfnewc] [contfnewc] [contfnewc] [contfnewc] [contfnewc]
A few weeks later a group of unkown suspects broke into the server of the German Bundestag and stole a large amount of data.
Today, the National Security Authorities of several countries agree that Russian secret services were behind both cases.
Then, a computer virus was discovered in a nuclear power station in Gundremmingen, Germany.
She can say the word „Bundestag“
Finally, in November 2016, shortly before the presidential election in the USA, emails appeared that had been stolen by hackers from the office of Democratic candidate Hillary Clinton. The whole thing grew into an affair that possibly helped swing the votes towards Donald Trump. Obama held President Vladimir Putin personally responsible, expelled 35 of his spies from the US and imposed sanctions against Russia.
Galante has studied all the most important Russian hacker groups, their weapons, their methods, their goals, again and again. They say that no one in the US knows more about them. She also studied the attack on the government district in Berlin in detail; she can say the word “Bundestag” with hardly any accent at all by now.
She would need an office at least twice the size of hers to physically show the picture of the organisation that German intelligence agents and cyber experts have created for internal use. It is full of computers, servers, domain addresses and lots of technical terms.
There are times when Galante thinks about the incredibly strategic ways these Russian fighters operate in – as though controlled by an invisible power. It reminds her of the Chinese army in the white tower in Shanghai. Secret services all over the world are convinced that these Russian hackers work on behalf of Putin.
“Everything points towards that fact”, Galante agrees.
However, there is an essential difference between Chinas and Russias cyber warriors. It is the main reason why Galante is so worried. The Russian hackers are more aggressive than anything she has seen before. They have attacked ministries all over the world, military networks, embassies and arms factories. They dont only spy, or steal secret documents, they manipulate elections and fabricate false news in order to put pressure on other governments.
Galante sees an arms race developing in cyber space, capable to unhinge the whole world. The president of the United States is under suspicion to have knowingly used the support of a Russian army of hackers to win the election. And the next aim of those Russian cyber warriors in their invisible war is likely to be Germany. The government district in Berlin and the party headquarters will be their target, everyone from German agencies and politicians to Galante herself agree on that.
Just recently one of the investigators came to Berlin and Frankfurt to get a better idea of the situation. When he came back, he had also learned to say a German word without accent. The word was “Angst” – fear.
[contfnewc] [contfnewc] [contfnewc] [contfnewc] [contfnewc] [contfnewc] [contfnewc] [contfnewc] [contfnewc]