Laptop

US cybersecurity firm Mandiant has linked a secretive China People’s Liberation Army’s (PLA) intelligence unit to prolific cyber attacks on the US and foreign companies in the past seven years.

Contradicting Beijing’s previous claims that the government does not carry out illegal hacking, the company has alleged in a report that PLA’s Shanghai-based Unit 61398 to have stolen hundreds of terabytes of data from at least 141 organisations across 20 major industries from as early as 2006.

Go deeper with GlobalData

Go deeper with GlobalData

The gold standard of business intelligence.

Find out more

Discover B2B Marketing That Performs

Combine business intelligence and editorial excellence to reach engaged professionals across 36 leading media platforms.

Find out more

The report alleges that the Advanced Persistent Threat1 (APT1) group, a primary accused of data breaches since 2004, is believed to be the 2nd Bureau of the PLA General Staff Department’s (GSD) 3rd Department, commonly known as Unit 61398.

"The nature of Unit 61398’s work is considered by China to be a state secret," the report stated. "However, we believe it engages in harmful computer network operations."

Arguing the reason for establishing the link, the report said the unit was located in Pudong New Area, where the group is headquartered, and also a password used by one of three hackers it identified translated to a division that is extensively used within the General Staff Department organisations.

"The nature of Unit 61398’s work is considered by China to be a state secret."

However, the credibility of the report was disputed by the Chinese Government, with Foreign Ministry spokesman Hong Lei saying he doubted the evidence.

GlobalData Strategic Intelligence

US Tariffs are shifting - will you react or anticipate?

Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.

By GlobalData

"Hacking attacks are transnational and anonymous," he said. "Determining their origins are extremely difficult. We don’t know how the evidence in this so-called report can be tenable.

The country’s Defence Ministry also rejected the allegations in a faxed statement to The Associated Press and insisted the statements ‘are unprofessional and are not in accordance with the facts’.

US Pentagon press secretary George Little refused to comment on the report, but noted that the department has raised highest level concerns regarding the cyber crimes with Chinese officials, including the military, and will continue to do so in the future.

Without naming the victims, the report said 115 companies were located in the US, two in Canada, five in the UK, with the remaining 19 from France, Norway, Belgium, Luxembourg, Israel, Switzerland, South Africa, Singapore, Taiwan and Japan.

Image: Cybersecurity methods can be breached if proper security procedures are not followed. Photo: US Army photo by Spc Loren Cook.

Defence Technology

Army Technology Excellence Awards - Nominations Closed

Nominations are now closed for the Army Technology Excellence Awards. A big thanks to all the organisations that entered – your response has been outstanding, showcasing exceptional innovation, leadership, and impact across the defence sector.

Excellence in Action
Virtualitics has clinched both the Innovation and Business Expansion awards for its Integrated Readiness Optimization (IRO) AI suite, transforming maintenance, sustainment and operational decision-making across the US DoD. Discover how explainable AI and predictive insights are redefining mission readiness, risk management and joint-force efficiency.

Discover the Impact