China’s army controls hundreds if not thousands of virulent and cutting-edge hackers, according to a report issued yesterday by a US Internet security firm that traced a host of cyberattacks to an anonymous building in Shanghai.
Mandiant said its hundreds of investigations showed that groups hacking into US newspapers, government agencies, and companies “are based primarily in China and that the Chinese government is aware of them.”
The 74-page report focused on one group, which it called “APT1” from the initials “Advanced Persistent Threat.” The New York Times, citing experts, said the group was targeting crucial infrastructure such as the US energy grid.
Photo: AFP
“We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support,” Mandiant said.
The group, it said, was believed to be a branch of the People’s Liberation Army (PLA) called Unit 61398, and digital signatures from its cyberattacks were traced back to the direct vicinity of a nondescript, 12-story building on the outskirts of Shanghai.
“We believe the totality of the evidence we provide in this document bolsters the claim that APT1 is Unit 61398,” Mandiant said, estimating it is “staffed by hundreds, and perhaps thousands of people.”
China’s Ministry of Defense said its army had never supported any kind of hacking activity, adding: “Not only are reports that China’s army has been involved in hacking unprofessional, they do not fit with the facts.”
“Hacking attacks are a global problem. Like other countries, China also faces the threat of hacking attacks, and is one of the main countries falling victim to hacking attacks,” the ministry said.
The Chinese Ministry of Foreign Affairs also rejected “groundless accusations” of Chinese involvement in hacking.
In its report, Mandiant said that APT1 — known also as “Comment Crew” for its practice of planting viruses on the comment sections of Web sites — has stolen hundreds of terabytes of data from at least 141 organizations spanning 20 industries.
The Times, which was given early access to the report, said the researchers had found that the Comment Crew was increasingly focused on companies involved in US infrastructure, including in its electrical power grid, gas lines and water works. It said one target was a company with remote access to more than 60 percent of oil and gas pipelines in North America.
The Comment Crew was also among those that attacked the computer security firm RSA, whose computer codes protect confidential corporate and government databases, the Times said.
The building pinpointed as the hacking headquarters sits in the Shanghai suburb of Gaoqiao, near a petrochemical complex and surrounded by small shops. There is no name plate outside, but framed posters showing soldiers are displayed on a high wall surrounding the complex, while the PLA’s symbol of a red star is mounted over the main door of the building.
One soldier in camouflage uniform stood at the main gate yesterday. Another wearing a PLA overcoat was stationed in the guardhouse.
Additional reporting by NY Times News Service
A magnitude 7.0 earthquake struck off Yilan at 11:05pm yesterday, the Central Weather Administration (CWA) said. The epicenter was located at sea, about 32.3km east of Yilan County Hall, at a depth of 72.8km, CWA data showed There were no immediate reports of damage. The intensity of the quake, which gauges the actual effect of a seismic event, measured 4 in Yilan County area on Taiwan’s seven-tier intensity scale, the data showed. It measured 4 in other parts of eastern, northern and central Taiwan as well as Tainan, and 3 in Kaohsiung and Pingtung County, and 2 in Lienchiang and Penghu counties and 1
A car bomb killed a senior Russian general in southern Moscow yesterday morning, the latest high-profile army figure to be blown up in a blast that came just hours after Russian and Ukrainian delegates held separate talks in Miami on a plan to end the war. Kyiv has not commented on the incident, but Russian investigators said they were probing whether the blast was “linked” to “Ukrainian special forces.” The attack was similar to other assassinations of generals and pro-war figures that have either been claimed, or are widely believed to have been orchestrated, by Ukraine. Russian Lieutenant General Fanil Sarvarov, 56, head
FOREIGN INTERFERENCE: Beijing would likely intensify public opinion warfare in next year’s local elections to prevent Lai from getting re-elected, the ‘Yomiuri Shimbun’ said Internal documents from a Chinese artificial intelligence (AI) company indicated that China has been using the technology to intervene in foreign elections, including propaganda targeting Taiwan’s local elections next year and presidential elections in 2028, a Japanese newspaper reported yesterday. The Institute of National Security of Vanderbilt University obtained nearly 400 pages of documents from GoLaxy, a company with ties to the Chinese government, and found evidence that it had apparently deployed sophisticated, AI-driven propaganda campaigns in Hong Kong and Taiwan to shape public opinion, the Yomiuri Shimbun reported. GoLaxy provides insights, situation analysis and public opinion-shaping technology by conducting network surveillance
‘POLITICAL GAME’: DPP lawmakers said the motion would not meet the legislative threshold needed, and accused the KMT and the TPP of trivializing the Constitution The Legislative Yuan yesterday approved a motion to initiate impeachment proceedings against President William Lai (賴清德), saying he had undermined Taiwan’s constitutional order and democracy. The motion was approved 61-50 by lawmakers from the main opposition Chinese Nationalist Party (KMT) and the smaller Taiwan People’s Party (TPP), who together hold a legislative majority. Under the motion, a roll call vote for impeachment would be held on May 19 next year, after various hearings are held and Lai is given the chance to defend himself. The move came after Lai on Monday last week did not promulgate an amendment passed by the legislature that
RSS