The question of whether the Chinese military is on a hacking offensive has largely been answered -- and, despite Chinese government protestations, it sure looks like a pretty big “yes.” However, beyond the widely reported infiltration of foreign companies, the question of what else it’s hacking remains hazy.
This all came out of a project by Kyle Wilhoit, a researcher at a security company called Trend Micro, that set up decoy “honeypots,” as decoy infrastructure systems are known, in 12 different countries. Wilhoit’s construction of a rural Missouri water plant honeypot attracted the notorious APT1, a crackerjack Chinese military hacking team sometimes known as Comment Crew, according to research he presented at the Black Hat security conference in Las Vegas. The group gained access in December 2012 through a Microsoft Word document containing malware unique to APT1.
“I actually watched the attacker interface with the machine,” he told the MIT Technology Review, referring to APT1. “It was 100 percent clear they knew what they were doing.”