Top secret unit reportedly steals tech blue prints, intellectual property data, contracts and contact lists from victim organizations
A security company says it has traced cyber-espionage activities to a unit of China’s People’s Liberation Army.
In a report released on Tuesday, Mandiant Corp. said it has reasons to believe that a group it called Advanced Persistent Threat 1 (APT1) is likely backed by the Chinese government.
A report from Computerworld.com, however said that China’s Foreign Ministry on Tuesday said that the government is opposed to hacking.
“Cyber-attacks are transnational and anonymous,” said ministry spokesman Hong Lei in a press conference. “It is very hard to trace the origin of attacks. I don’t know has this evidence in the relevant report is tenable.”
Mandiant said APT1 uses tools called GETMAIL and MAPIGET which are meant for stealing emails. The group can revisit a victim’s network over a period of months or years and pilfer technology blue prints, business plans, proprietary processes, emails, contact list and contract information, said Mandiant.
The security firm said it is releasing more than 3,000 APT1 indicators to expose APT1’s infrastructure and allow organizations to bolster their defenses against the cyber group.