Report links Chinese military to majority of cyberattacks against US

February 19, 2013, 2:30 PM

According to the New York Times, U.S.-based security research firm Mandiant claims it has traced the "overwhelming majority" of cyberattacks targeting American businesses to an innocuous 12-story office building located in Shanghai, China. The tower, American intelligence officials claim, is thought to be the headquarters for the People's Liberation Army, Unit #61398 -- the seat for many computer-based attacks launched by the Chinese military.

Mandiant's full 60-page report on the matter hasn't been released yet, but the New York Times was given an advance copy for review.

"Either they are coming from inside Unit 61398," stated Kevin Mandia, the founder and CEO of Mandiant, "or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood."

If "Mandiant" sounds familiar, that's likely because it was recently hired by the New York Times. After noticing unusual network traffic, the news outlet turned to AT&T -- its ISP -- to finger the issue. The telco confirmed suspicious network activity, but warned the Times that observed traffic patterns were a close match to previously monitored cyberattacks thought to have been performed by the Chinese military. Forced to dive deeper into the issue, the New York Times hired Mandiant, which eventually determined the Times had been infiltrated by supposed Chinese hackers.

In addition to Mandiant's own work, numerous other security firms have traced hackers to the same neighborhood where that fabled Shanghai office building resides. These hackers are typically identified as the "Comment Crew" or "Shanghai Group" and have been identified by U.S. intelligence officials as having direct ties to the People's Liberation Army, Unit #61398.

According to Mandiant's report, over 140 detected network intrusions since 2006 have been attributed to the Comment Crew, with targets including the likes of RSA and Coca-Cola. The recent attacks launched against The New York Times, though, are believed to have been carried out by a different set of China-based attackers.

Dell's security arm, SecureWorks, reportedly believes the Comment Crew has been involved in "Operation Shady RAT" -- the massive, long-term series of cyberattacks we mentioned in 2011.




User Comments: 13

2 people like this | MilwaukeeMike said:

As strange as this may sound, this is a by-product of communism. China knows they cannot keep up with the rest of the world on innovation and so they hack into businesses to steal intellectual property.

This is also why businesses are in favor of CISPA. Not only do the Chinese steal American ideas, they then make fake products and sell them back to Americans. Obama has been criticized for letting it happen, and it's probably why he's determined to get a law like CISPA passed...(or an executive order in his case)

Ranger1st said:

JDAM's.... just 1 single JDAM will solve this whole thing and when the next 'unit' pops up, JDAM it.. till they get the F'in message.

lipe123 said:

"JDAM's.... just 1 single JDAM will solve this whole thing and when the next 'unit' pops up, JDAM it.. till they get the F'in message."

Except that China owns over $1trillion of US debt right now? It's not that easy to just attack someone that controls 1/10th of your economy.

A better approach would be to get companies to take a better approach towards security and not leave their critical networks open to the internet.

Ranger12 said:

"finger the issue" is a new expression for me, interesting...

Anyway, it seems for now we will just bend over and take it. However if China continues on this path we will eventually have to confront them and I think it would be easier to do it now instead of waiting until it escalates. Having said that I think communism is a proven failure and China will eventually be forced to move away from that system of government much like Gorbachev tried, but what he did was too little, too late.

jeffz6 said:

Yeah, and America is innocent from such cyber attacks themselves.

Guest said:

Issue fingerer!

1 person liked this | Guest said:

Ohh poor innocent America. When they do it, it's for the good of mankind; when someone else does it, it's terrorism. Bunch of spineless cowards.

SNGX1275, TS Forces Special, said:

^ Nobody said terrorism...

captaincranky, TechSpot Addict, said:

"...[ ].....Having said that I think communism is a proven failure and China will eventually be forced to move away from that system of government much like Gorbachev tried, but what he did was too little, too late."
I expect that at some point, China will refuse to roll over America's debt to them. The rich Chinese will move to America, repossess everything in sight, and turn capitalist. (I'm not sure that's what you meant about, "communism failing" though)....

Archean, TechSpot Paladin, said:

It could be the case CC, but I think they will do nothing, just keep getting the 'return' on their investment for as long as possible (count Saudis in it as well because they are #2 on the list). Unless of course, politicians stop fighting and really take measures to cut down the ballooning deficit (for it to happen they also need to stop starting new wars and winding down old ones) ...... so my calculated guess is we'll still be talking about this in a few years' time. By the way, why do we never hear of western military establishments' "cyber" ventures against 'enemies'? I am pretty certain it is done all the time as well.

On a more serious note, I feel that we are at crossroads, where a new empire is emerging and the old one, is just starting to decline (at least financially).

MilwaukeeMike said:

"On a more serious note, I feel that we are at crossroads, where a new empire is emerging and the old one, is just starting to decline (at least financially)."

I have that fear too. We are spending money so fast it's scary. Medicare and Social Security are what are ballooning out of control (google 'unfunded liabilities'), and they were specifically left out of Obama's inauguration speech. China's economy is growing at like 10% a year, while we are at 2%. Our debt is growing at a trillion dollars a year and Obama has no plan, nor has even admitted it's a problem. Congress hasn't even passed a budget in 4 years!

The scariest part for me is that no one is talking about it. Obama goes on 60 minutes and doesn't get a single tough question. The media is not doing their job of keeping politicians honest. In that sense we are rather like China. In China, the media is run by the govt, here the media is free... but what's the difference if they won't hold their feet to the fire and demand some problems be fixed?

Sphynx said:

"JDAM's.... just 1 single JDAM will solve this whole thing and when the next 'unit' pops up, JDAM it.. till they get the F'in message."

"Except that China owns over $1trillion of US debt right now? It's not that easy to just attack someone that controls 1/10th of your economy."

Not to mention that China is a nuclear state. If China is attacked with JDAM, you can bet China's military response will not involve conventional weapons.

captaincranky, TechSpot Addict, said:

"JDAM's.... just 1 single JDAM will solve this whole thing and when the next 'unit' pops up, JDAM it.. till they get the F'in message."
The Chinese are our esteemed colleagues in both business, finance, and perhaps even in negotiations on nuclear weapons with North Korea.

Using kluged together weapons is an uncouth way of dealing with our partner nation.

I recommend either honest to God newest generation smart weapons, EMP pulse weapons, or carpet bombing the Nike corporation's sneaker factories. In the case of the Nike bombings, this will cause the largest possible number of underage collateral civilian casualties, while not damaging their infrastructure as a whole. Which in turn would freely allow the continued flow of Apple products between our two countries.

After all, if we bombed Foxconn to send a message, half of the US population would go into iPhone withdrawal, the other half would be jonesing for their stinking iPads.
