In a statement made to the American website Cyberscoop, David Sanger, a reporter from The New York Times, said: “Mandiant gave us extraordinary access to their investigation as we were preparing to write about Unit 61398 (aka APT1) in late 2012, and the result was our story in the Times, and the company’s report, in February, 2013."
Sanger made the claims about Mandiant, a subsidiary of the big security company FireEye, in his book The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age.
Statement from Sanger: pic.twitter.com/5vQZE0Ef5S— Chris Bing (@Bing_Chris) June 25, 2018
"I spent considerable time with their investigators, and saw the images of the hackers as described in The Perfect Weapon," Sanger said in his statement.
"While that wasn’t my understanding at the time, passive monitoring is a reasonable explanation of how the company came to link the hacks to specific individuals, several of whom have since been indicted by the United States.”
SANGER BOOK MEME :) pic.twitter.com/Zz2gatJSvt— daveaitel (@daveaitel) 26 June 2018
Mandiant issued a lengthy denial on Monday, in which it said: "The videos Sanger viewed were from Windows Remote Desktop Protocol (RDP) network packet captures (PCAP) of Internet traffic at these victim organisations. Mandiant has never turned on the webcam of an attacker or victim system."
In what appeared to be a bid to cast more doubt on Sanger's version of events, another statement was issued by Richard Bejtlich of Tao Security, a former Mandiant employee, who also wrote a lengthy post, denying that the company had hacked back.
Also casting doubt on Sanger's claims — and his entire book, in fact — was former NSA hacker Dave Aitel, the chief security officer of offensive security firm Immunity that was acquired by Cyxtera Technologies earlier this year.
Aitel published his own blog post attacking Sanger's book, claiming that citations were needed at various points in the tome.
FireEye is known to be close to the US Government, with the company's chief executive, Kevin Mandia, claiming recently that US Government spooks produce "nice" malware when compared to that of other states.