US cybersecurity firm Mandiant has linked a secretive China People’s Liberation Army’s (PLA) intelligence unit to prolific cyber attacks on the US and foreign companies in the past seven years.

Contradicting Beijing’s previous claims that the government does not carry out illegal hacking, the company has alleged in a report that PLA’s Shanghai-based Unit 61398 to have stolen hundreds of terabytes of data from at least 141 organisations across 20 major industries from as early as 2006.

The report alleges that the Advanced Persistent Threat1 (APT1) group, a primary accused of data breaches since 2004, is believed to be the 2nd Bureau of the PLA General Staff Department’s (GSD) 3rd Department, commonly known as Unit 61398.

"The nature of Unit 61398’s work is considered by China to be a state secret," the report stated. "However, we believe it engages in harmful computer network operations."

Arguing the reason for establishing the link, the report said the unit was located in Pudong New Area, where the group is headquartered, and also a password used by one of three hackers it identified translated to a division that is extensively used within the General Staff Department organisations.

"The nature of Unit 61398’s work is considered by China to be a state secret."

However, the credibility of the report was disputed by the Chinese Government, with Foreign Ministry spokesman Hong Lei saying he doubted the evidence.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

"Hacking attacks are transnational and anonymous," he said. "Determining their origins are extremely difficult. We don’t know how the evidence in this so-called report can be tenable.

The country’s Defence Ministry also rejected the allegations in a faxed statement to The Associated Press and insisted the statements ‘are unprofessional and are not in accordance with the facts’.

US Pentagon press secretary George Little refused to comment on the report, but noted that the department has raised highest level concerns regarding the cyber crimes with Chinese officials, including the military, and will continue to do so in the future.

Without naming the victims, the report said 115 companies were located in the US, two in Canada, five in the UK, with the remaining 19 from France, Norway, Belgium, Luxembourg, Israel, Switzerland, South Africa, Singapore, Taiwan and Japan.

Image: Cybersecurity methods can be breached if proper security procedures are not followed. Photo: US Army photo by Spc Loren Cook.

Defence Technology