On Wednesday, the LA Times reported on information security company Mandiant’s outlook, due to which Hollywood may become the next target for Chinese state-sponsored hacking. Due to the news outlet, the cited report (according to my research not yet released) identified at least one hack into a major entertainment company, which it traced back to the People’s Liberation Army (PLA). The attackers reportedly stole executive email correspondence containing business intelligence with regards to “ongoing negotiations between the company and China on major new investments and expansion into the country.”
The Background
Mandiant has come to public attention after it released a report that exposed an enterprise-scale computer espionage campaign that stole vast quantities of information from organizations all around the world over the course of several years. Evidence provided by that report linked the operation of a group called APT1 to “China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Cover Designator 61398).”
The Outlook
According to the LA Times, Mandiant attributes the recent attack at “a leading U.S. entertainment conglomerate that produces and distributes creative properties worldwide” to the very same unit of the PLA. Correspondingly, so the report, “Mandiant has observed high rates of China-based cyber intrusions against industries that China’s state authorities consider strategic.” It was further stated that, now, entertainment does not seem to be different. As a result, Mandiant expects “China to increasingly target the film and entertainment industry.”
The article said the Mandiant report found the reasons for the expected targeting at Hollywood to be political and economic:
On the economic side, China has made a number of moves to invest in greater amounts of film production. To compete against U.S. companies, Chinese firms will need intellectual property as well as strategic information to give it more leverage for things like distribution.
On the political side, China’s Communist Party wants to stay on top of stories or films being developed that might affect the country’s image.
Mandiant’s recent observations seem to repeat, so the LA Times, what has been observed in Chinese politics before:
Over time […] China has developed a pattern of identifying major industries as being critically important and then launching cyber campaigns abroad to disrupt competitors and obtain intellectual property.
Final Note
Commercial facilities, including entertainment (e.g. motion picture studios) and media outlets, are an official critical infrastructure sector, and part of the Department of Homeland Security’s (DHS) sector-specific protection assignment. Although, in my eyes, the scale of any future cyber operations against Hollywood will hardly trigger a situation that calls for the military, the LA Times piece reminded me in the jurisdictional discussion on CYBERCOM and its assigned responsibilities:
The only critical infrastructure sector under the watch of the department of defense (DoD) is the defense industrial base. Nonetheless, in a February hearing before the Senate Committee on Armed Services, STRATCOM leader Admiral Haney (STRATCOM is superordinate to CYBERCOM) elaborated on his cyberspace priorities, which seem to be – potentially – adaptable to a wider range of critical infrastructures:
Cyberspace operations extensively support all of my other mission areas and there are significant negative impacts if that support becomes uncertain. Along with the need to protect U.S. critical infrastructure and intellectual property, information assurance is a critical facet of national power that underpins our ability to identify national security risks and to hold those threats in check. [p.6]
Leave a Reply