Secret military cyber unit masked activities after exposure
The recent exposure of a secret Chinese military cyber warfare unit has not led to a decrease in cyber espionage against U.S. government and private networks, according a draft congressional China commission report.
Instead, the Chinese military group temporarily limited its large-scale cyber espionage campaign and took steps to mask its activities, according to a forthcoming report by the U.S.-China Economic and Security Review Commission.
The report concludes that the Chinese government is engaged in a concerted campaign of cyber attacks led by a Shanghai-based unit. Continue reading
On the outskirts of Shanghai, in a run-down neighborhood dominated by a 12-story white office tower, sits a People’s Liberation Army base for China’s growing corps of cyberwarriors.
The building off Datong Road, surrounded by restaurants, massage parlors and a wine importer, is the headquarters of P.L.A. Unit 61398. A growing body of digital forensic evidence — confirmed by American intelligence officials who say they have tapped into the activity of the army unit for years — leaves little doubt that an overwhelming percentage of the attacks on American corporations, organizations and government agencies originate in and around the white tower.
An unusually detailed 60-page study, to be released Tuesday by Mandiant, an American computer security firm, tracks for the first time individual members of the most sophisticated of the Chinese hacking groups — known to many of its victims in the United States as “Comment Crew” or “Shanghai Group” — to the doorstep of the military unit’s headquarters. The firm was not able to place the hackers inside the 12-story building, but makes a case there is no other plausible explanation for why so many attacks come out of one comparatively small area. Continue reading