Kevin Mandia

141 times we did investigations and it went back to this bucket of evidence or fingerprints to APT1. They're unbelievably persistent. Like you get these guys out of your network, they're just back the next day. There was no doubt they were badging into a building and this was their job.

141 times we did investigations and it went back to this bucket of evidence or fingerprints to APT1. They're unbelievably persistent. Like you get these guys out of your network, they're just back the next day. There was no doubt they were badging into a building and this was their job.

Well, I would think it is, and it's taking direction from the PLA. And that's why we've released this report, is there's all this public disclosure now that it's China behind lots of these intrusions.

Well, I would think it is, and it's taking direction from the PLA. And that's why we've released this report, is there's all this public disclosure now that it's China behind lots of these intrusions.

I just went into the office by myself and right around 7.30 in the morning, my wife at the time called and literally, this is how I knew we were on the news. I didn't know CNN was filming outside the building, Nicole. The exact words from my wife at the time was, what in the F did you do? And I said, what are you talking about? She's like, turn on the TV. Your name is on every station.

I just went into the office by myself and right around 7.30 in the morning, my wife at the time called and literally, this is how I knew we were on the news. I didn't know CNN was filming outside the building, Nicole. The exact words from my wife at the time was, what in the F did you do? And I said, what are you talking about? She's like, turn on the TV. Your name is on every station.

And I'd never told her we were writing the report. I never really thought to, you know, or anyone for that matter. We didn't even tell the Mandiant board about it till maybe one day prior. Hey, we're going live tomorrow with a report that pins China's PLA unit 61398 to 141 intrusions, primarily to US companies. I just didn't think it was going to be news.

And I'd never told her we were writing the report. I never really thought to, you know, or anyone for that matter. We didn't even tell the Mandiant board about it till maybe one day prior. Hey, we're going live tomorrow with a report that pins China's PLA unit 61398 to 141 intrusions, primarily to US companies. I just didn't think it was going to be news.

Somebody jumps out of an alleyway and starts hitting me in the face to rob me, I don't block punches going, who are you? I just defend myself, you know?

Somebody jumps out of an alleyway and starts hitting me in the face to rob me, I don't block punches going, who are you? I just defend myself, you know?

However, I came to understand over time attribution absolutely matters to hold nations accountable. We need to have rules of engagement in cyberspace.

However, I came to understand over time attribution absolutely matters to hold nations accountable. We need to have rules of engagement in cyberspace.

By the time we showed up, it was valid credentials, a user ID and passphrase, log in. And you could tell their operators you're used to just sitting at a desk for eight hours a day. And we're probably getting paid by the pound. Just take everything you can. Because I used to call it the tank through the cornfield.

By the time we showed up, it was valid credentials, a user ID and passphrase, log in. And you could tell their operators you're used to just sitting at a desk for eight hours a day. And we're probably getting paid by the pound. Just take everything you can. Because I used to call it the tank through the cornfield.

So it wasn't just hacking for security reasons, which the defense industrial base to me would be between the goalposts for fair game for espionage. And I think everybody would nod to that and go, yeah, that's fair game. They make weapons, they make planes. And for security purposes, you may want to know what's the next weapon system going to look like. So you hack in and find out.

So it wasn't just hacking for security reasons, which the defense industrial base to me would be between the goalposts for fair game for espionage. And I think everybody would nod to that and go, yeah, that's fair game. They make weapons, they make planes. And for security purposes, you may want to know what's the next weapon system going to look like. So you hack in and find out.

But why would you hack a beverage company or why would you hack somebody that is in entertainment? Those reasons were because a lot of these places were doing mergers and acquisitions in China. So it was clear to us there's economic reasons behind these intrusions as well.

But why would you hack a beverage company or why would you hack somebody that is in entertainment? Those reasons were because a lot of these places were doing mergers and acquisitions in China. So it was clear to us there's economic reasons behind these intrusions as well.

The bottom line is if you made something that could help sustain the health and welfare of 1.3 billion people, you got targeted. You know, if you made some heat tolerant crop of some kind, if you made certain chemicals or things that were critical, you were fair game to what they wanted to accomplish in theft of IP.

The bottom line is if you made something that could help sustain the health and welfare of 1.3 billion people, you got targeted. You know, if you made some heat tolerant crop of some kind, if you made certain chemicals or things that were critical, you were fair game to what they wanted to accomplish in theft of IP.