“Mandiant, the U.S. firm contracted to investigate cyberattacks against U.S. corporations, says it was able to track an extensive hacking campaign back to the Chinese military in part by exploiting China’s own Web restrictions.
This is where the hackers may have gotten themselves into trouble. To be totally safe, a Chinese hacker would log out of the servers used for cyber-espionage (and allegedly sponsored by the Chinese military) before logging into a separate, more low-key [Virtual Private Network, or] VPN that he or she could use to access U.S.-based social media sites such as Facebook and Twitter.
Instead of following that procedure, according to Mandiant, some of the hackers got lazy. “The easiest way for them to log into Facebook and Twitter is directly from their attack infrastructure,” the company’s report explains. “Once noticed, this is an effective way to discover their real identities.”