Chinese Army Unit Linked To Hacks Against U.S. Companies And Agencies

By Alexandra Burlacu | Feb 19, 2013 01:08 PM EST

Share This Story

  • Print
  • Email

A Chinese military unit is likely responsible for a series of prolific hackings against U.S. companies and agencies, claims a U.S. computer security company.

Despite the Chinese government's claims that it is not involved in such operations, an "overwhelming percentage" of cyber attacks on U.S. corporations, government agencies and organizations apparently came from a 12-story office tower in Shanghai.

Follow us

According to a comprehensive New York Times (NYT) report, the office tower on the outskirts of Shanghai is tied to the People's Liberation Army. The NYT cites an extensive 60-page report from U.S. security firm Mandiant, tracing the activities of a Chinese hacking group known as "Comment Crew" or "Shanghai Group" to the headquarters of PLA Unit 61398.

Mandiant said it observed the "Comment Crew" systematically steal hundreds of terabytes of data from at least 141 organizations across 20 industries worldwide since 2006. The security firm claims the activity can be traced to four networks near Shanghai, with some operations originating from the headquarters of Unit 61398, a secret division of China's military.

"The sheer scale and duration of sustained attacks against such a wide set of industries from a singularly identified group based in China leaves little doubt about the organization behind," says Mandiant. "We believe the totality of the evidence we provide in this document bolsters the claim the [the group] is Unit 61398."

"Either they are coming from inside Unit 61398 or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood," Mandiant founder and CEO Kevin Mandia told the Times.

Mandiant also released a very detailed video (see below) as part of its report, claiming to show actual hack sessions conducted by a hacker group in China. Mandiant calls that group Advanced Persistent Threat group 1, or APT1.

"Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China's cyber threat actors," explains Mandiant.

Last month, The New York Times revealed that it was the victim of a four-month cyber attack stemming from China. As part of that attack, hackers breached its systems and stole the passwords of its employees to get information on sources and contacts for the NYT's expose on Chinese Prime Minister Wen Jiabao and his family. The NYT said the methods used in the cyber attacks were similar to past attacks by the Chinese military, but Chinese authorities denied any involvement.

Such reports surface as the U.S. is starting a more aggressive cyber defense policy against hackers. President Obama signed a long-anticipated executive order last week, allowing companies to share confidential information such as hackers' unique digital signatures with intelligence agencies.

The order aims to make it easier for private companies dealing with the nation's critical infrastructure to share information about cyber attacks with the government. At the same time, the order also prompts the government to work with the private sector on standards to help protect private companies from cyber attacks.

Get the Most Popular Mobile&Apps Stories in a Weekly Newsletter

© 2014 Mobile & Apps All rights reserved. Do not reproduce without permission.

Join Our Conversation

Smartphones
LG Google Nexus 5 LG Google Nexus 5 back on sale from Google Play
Here’s the new ‘Microsoft Lumia’ brand, and what will happen to existing Nokia Lumia devices
LG G Watch R starts global rollout, hitting Europe first
Google Nexus 6 UK launch reportedly delayed until December
Tablet / Laptop / PC
Dell Venue 7 and Venue 8 Dell unveils Venue 7 and Venue 8 Android 4.3 Jelly Bean tablets
Retina iPad Mini facing delays, may not launch until early next year
Refurbished 128GB iPad with Retina Display now available on the Apple Online Store
Samsung Galaxy Note 10.1 – 2014 Edition: Pricing and availability now official
Gadgets
Amazon Logo Amazon reportedly to launch ‘Firetube’ set-top box before 2013 holidays
Samsung Galaxy Note 3 and Galaxy Gear India launch: Pricing and availability
Samsung Galaxy Gear Android smartwatch now up for pre-order in Canada
Samsung Galaxy Gear 2 reportedly in the works already, may debut at CES or MWC 2014
OS / Software
HTC Logo HTC reportedly considering Android/Windows Phone dual-booting smartphone as Microsoft pushes for deeper Windows mobile integration
iOS 7 Chrome Incognito mode leaks private searches due to bug
Sprint HTC One Android 4.3 Jelly Bean already rolling out, AT&T, T-Mobile & Verizon to follow
Microsoft Windows 8.1 now available for pre-order
Internet / Social Media
Google Downtime Google blacks out for two minutes, causes 40 percent drop in world’s Internet traffic
Xbox Music web player is live and ready for Xbox Music Pass subscribers
Facebook Android app collected phone numbers even if users never logged in
Firefox 22 brings support for web video calls, 3D gaming, and Unreal Engine 3
What's App
Flipboard for Windows Phone Flipboard for Windows Phone finally available, but requires 1GB of RAM (VIDEO)
Vine gets major update, lets you upload previously-shot videos & more (VIDEO)
BlackBerry Messenger (BBM) finally hits Windows Phone – Available as a free download now
Instagram releases Bolt ephemeral messaging app in select markets to challenge Snapchat
Copyright © 2014 Mobile & Apps All rights reserved. mobilenapps
Real Time Analytics