Chinese Hacking Incidents
Satellite photo showing location of scores of alleged Chinese hacking incidents versus the United States and Google

After the story broke last month that a Chinese hacking group reportedly accessed the internal network of the New York Times, many pointed at the China’s People’s Liberation Army, or PLA, as the responsible entity behind various hacking incidents involving foreign companies.

This week, Bloomberg News and the New York Times (both of whose sites cannot be accessed in mainland China because of government censorship) published articles pinning the hacks on China’s military. China’s Ministry of Defense is now responding by claiming it has never supported any hacker activity.

The Department of Defense Network, the official news source of the defense ministry, said that “Chinese law forbids hacker attacks undermining Internet security; the Chinese government has always resolutely combated related criminal activities and has never supported any hacker activity.”

Mandiant, an American network security company, released reports supporting the New York Times claims that China was behind repeated attacks on various American enterprises. Hong Lei, a Foreign Ministry spokesperson, called them “groundless speculations and accusations” that “does not solve the problem.”

In one of those reports, Mandiant Chief Security Officer Richard Bejtlich offers some statistics and research suggesting that, though the PLA’s involvement may not be clear, China’s hacking abilities have been well-monitored. Bejtlich estimates that Chinese hackers have accessed 20 to 40 percent of Fortune 500 companies.

The Chinese Defense Ministry did not respond specifically to the statistics but instead responded with its own.

“China is one of the main victims of cyberattacks,” Hong Lei said in a press conference. “According to a report published by the China National Computer Network Emergency Center, in 2012, a total of 73,000 overseas IP addresses spreading Trojan viruses and botnets were involved in attacks against over 14 million Chinese computers last year. Meanwhile, a total of 32,000 IPs took control remotely of 38,000 websites based in China by installing backdoor programs in those systems.” The No. 1 source for those various attacks was the United States, Hong said.

The spokesperson went on to say China has been part of a movement to develop a cyberspace code of conduct for the international community to maintain cyberspace security for all nations involved. In September 2011, China, Russia (also often accused of hosting many hackers) and other countries submitted a draft of an International Code of Conduct of Information Security to the United Nations.

Chinese state-run newspaper China Youth Daily denied that the attacks are a military-orchestrated espionage attempt. If anything, it argued, the U.S. military was one of the first to support hacking attacks.

“The U.S. military plans network warfare moves frequently; they were the first in the world to set up the Network Warfare Command and have done significant recruitment of hackers to become cyberwarriors and research and develop all kinds of computer viruses,” the article stated in the Chinese newspaper.