However, in the weeks that followed, the group picked up where it had left off. From its Shanghai headquarters, the unit’s hackers set up new beachheads from compromised computers all over the world, many of them small Internet service providers and mom-and-pop shops whose owners do not realize that by failing to rigorously apply software patches for known threats, they are enabling state-sponsored espionage.
“They dialed it back for a little while, though other groups that also wear uniforms didn’t even bother to do that,” Mandiant chief executive Kevin Mandia said in an interview on Friday last week. “I think you have to view this as the new normal.”
The hackers now use the same malicious software they used to break into the same organizations in the past, only with minor modifications to the code.
While US officials and corporate executives say they are trying to persuade Chinese President Xi Jinping’s (習近平) government that a pattern of theft by the PLA will damage China’s growth prospects — and the willingness of companies to invest in China — their longer-term concern is that China may be trying to establish a new set of rules for Internet commerce, with more censorship and fewer penalties for the theft of intellectual property.
Google chairman Eric Schmidt said on Friday last week that while there was evidence that inside China many citizens are using the Web to pressure the government to clean up industrial hazards or to complain about corruption, “so far there is no positive data on China’s dealings with the rest of the world” on cyberissues.
Google largely pulled out of China after repeated attacks on its systems in 2009 and 2010, and now has its Chinese operations in Hong Kong. However, it remains a constant target for Chinese cyberattackers, Schmidt said.