Chinese Army Cyber Warfare Unit Identified As Source Of Hacking Attacks Against US Targets - Report

on February 19 2013 7:25 AM
  • Chinese Hacking Incidents
    Satellite photo showing location of scores of alleged Chinese hacking incidents versus the United States DigitalGlobe.com and Google
  • China Hacking Building
    Part of the building of Unit 61398, a secretive Chinese military unit, is seen in the outskirts of Shanghai Feb. 19. The unit is believed to be behind a series of hacking attacks, a U.S. computer security company said, prompting a strong denial by China and accusations that it was in fact the victim of U.S. hacking. Reuters
1 of 2

China’s government is behind a vast, sophisticated campaign of cyberwarfare, according to private U.S. investigators and confirmed by Washington, a report published on Tuesday said. (Scroll down to read the report.)

U.S. security firm Mandiant, which was hired by the New York Times to investigate breaches of its own security, provided an advance copy of the 60-page report to the newspaper. The report describes how the People’s Liberation Army launches attacks against American companies, organizations and government agencies from or near a 12-story building on the outskirts of Shanghai.

The group behind the attacks is P.L.A. Unit 61398, whose main office is on Datong Road, outside Shanghai, but victims of its attacks call the unit the “Comment Crew” of “Shanghai Group,” the New York Times said.

“Either they are coming from inside Unit 61398,” Kevin Mandia, the founder and chief executive of Mandiant, told the newspaper, “or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”

Further, a recent classified National Intelligence Estimate document that reflects the views of all 16 U.S. intelligence agencies argues that many of China’s hacking groups are either run by P.L.A. officers or are contractors working for commands like Unit 61398, officials told the newspaper.

Targets of Unit 61398 include agencies and companies whose databases contain vast and detailed information about critical U.S. infrastructure, including pipelines, power generation facilities and transmission lines.

The U.S. administration plans to begin an intensified defense against Chinese hacking groups on Tuesday, according to a directive signed last week by President Obama.

Washington, however, is proceeding cautiously in its public response to the revelation that China's government is apparently sponsoring the cyberwarfare.

“There are huge diplomatic sensitivities here,” an intelligence official, who is frustrated with the government’s tentativeness about the matter, told the Times.

 

  Mandiant APT1 Report by  

 

More News from IBT MEDIA