China’s army controls some of the most prolific hackers in the world, according to a new report Tuesday by an Internet security firm that traced a host of cyberattacks to an anonymous building in Shanghai.
Mandiant said its hundreds of investigations over the past three years showed that groups hacking into US newspapers, government agencies, and companies “are based primarily in China and that the Chinese government is aware of them.”
The report focused on one group, which it called “APT1” from the initials “Advanced Persistent Threat,” which it said had stolen huge quantities of information and was targeting critical infrastructure such as the US energy grid.
“We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support,” Mandiant said.
The group was actually believed to be a branch of the People’s Liberation Army, called Unit 61398, and digital signatures from its cyberattacks were traced back to a nondescript, 12-story building on the outskirts of Shanghai, the report said.
A series of brazen IT attacks on America’s most high-profile media outlets, reported earlier this month by The New York Times and the Wall Street Journal, as well as on Twitter and others, have revived concerns over Chinese hackers.
The New York Times said hackers stole corporate passwords and accessed the personal computers of 53 employees after the newspaper published a report on the family fortune of China’s Premier Wen Jiabao.
Clients including The New York Times have hired Mandiant to clean up their systems after cyberattacks blamed on Chinese hackers.
China has roundly rejected claims that it was behind the hacking attacks, with the official People’s Daily newspaper hinting instead at ulterior motives by the US government.