Report links cyber spy group to Chinese army

A security company says it has traced cyber-espionage activities to a unit of China’s People’s Liberation Army.

In a report released on Tuesday, Mandiant Corp. said it has reasons to believe that a group it called Advanced Persistent Threat 1 (APT1) is likely backed by the Chinese government.

Mandiant, an advanced threat detection and response firm based in Washington D.C. said the cyber-espionage activity was traced to a certain PLA Unit 61398. The company said the unit is located in a huge building in Datong Road in Gaoqiaozhen, in the Pudong New Area in Shanghai.
 
A statement released on Tuesday, Mandiant said Unit 61398’s activities are considered a state secret. However, Mandiant said it has been tracking APT1 since 2006 and has found it to have compromised 141 companies in 20 major industries. The security firm said 80 per cent of the target companies were headquartered in countries where English is the native language and are in industries that China has identified as strategic.

A report from Computerworld.com, however said that China’s Foreign Ministry on Tuesday said that the government is opposed to hacking.

RELATED CONTENT

Canada spared by Red October cyber spy ring?
Black Hat: Cyber-espionage is expanding

“Cyber-attacks are transnational and anonymous,” said ministry spokesman Hong Lei in a press conference. “It is very hard to trace the origin of attacks. I don’t know has this evidence in the relevant report is tenable.”

Mandiant said APT1 uses tools called GETMAIL and MAPIGET which are meant for stealing emails. The group can revisit a victim’s network over a period of months or years and pilfer technology blue prints, business plans, proprietary processes, emails, contact list and contract information, said Mandiant.

The security firm said it is releasing more than 3,000 APT1 indicators to expose APT1’s infrastructure and allow organizations to bolster their defenses against the cyber group.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now