China’s army controls hundreds if not thousands of virulent and cutting-edge hackers, according to a report issued yesterday by a US Internet security firm that traced a host of cyberattacks to an anonymous building in Shanghai.
Mandiant said its hundreds of investigations showed that groups hacking into US newspapers, government agencies, and companies “are based primarily in China and that the Chinese government is aware of them.”
The 74-page report focused on one group, which it called “APT1” from the initials “Advanced Persistent Threat.” The New York Times, citing experts, said the group was targeting crucial infrastructure such as the US energy grid.
Photo: AFP
“We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support,” Mandiant said.
The group, it said, was believed to be a branch of the People’s Liberation Army (PLA) called Unit 61398, and digital signatures from its cyberattacks were traced back to the direct vicinity of a nondescript, 12-story building on the outskirts of Shanghai.
“We believe the totality of the evidence we provide in this document bolsters the claim that APT1 is Unit 61398,” Mandiant said, estimating it is “staffed by hundreds, and perhaps thousands of people.”
China’s Ministry of Defense said its army had never supported any kind of hacking activity, adding: “Not only are reports that China’s army has been involved in hacking unprofessional, they do not fit with the facts.”
“Hacking attacks are a global problem. Like other countries, China also faces the threat of hacking attacks, and is one of the main countries falling victim to hacking attacks,” the ministry said.
The Chinese Ministry of Foreign Affairs also rejected “groundless accusations” of Chinese involvement in hacking.
In its report, Mandiant said that APT1 — known also as “Comment Crew” for its practice of planting viruses on the comment sections of Web sites — has stolen hundreds of terabytes of data from at least 141 organizations spanning 20 industries.
The Times, which was given early access to the report, said the researchers had found that the Comment Crew was increasingly focused on companies involved in US infrastructure, including in its electrical power grid, gas lines and water works. It said one target was a company with remote access to more than 60 percent of oil and gas pipelines in North America.
The Comment Crew was also among those that attacked the computer security firm RSA, whose computer codes protect confidential corporate and government databases, the Times said.
The building pinpointed as the hacking headquarters sits in the Shanghai suburb of Gaoqiao, near a petrochemical complex and surrounded by small shops. There is no name plate outside, but framed posters showing soldiers are displayed on a high wall surrounding the complex, while the PLA’s symbol of a red star is mounted over the main door of the building.
One soldier in camouflage uniform stood at the main gate yesterday. Another wearing a PLA overcoat was stationed in the guardhouse.
Additional reporting by NY Times News Service
SECURITY: As China is ‘reshaping’ Hong Kong’s population, Taiwan must raise the eligibility threshold for applications from Hong Kongers, Chiu Chui-cheng said When Hong Kong and Macau citizens apply for residency in Taiwan, it would be under a new category that includes a “national security observation period,” Mainland Affairs Council (MAC) Minister Chiu Chui-cheng (邱垂正) said yesterday. President William Lai (賴清德) on March 13 announced 17 strategies to counter China’s aggression toward Taiwan, including incorporating national security considerations into the review process for residency applications from Hong Kong and Macau citizens. The situation in Hong Kong is constantly changing, Chiu said to media yesterday on the sidelines of the Taipei Technology Run hosted by the Taipei Neihu Technology Park Development Association. With
CARROT AND STICK: While unrelenting in its military threats, China attracted nearly 40,000 Taiwanese to over 400 business events last year Nearly 40,000 Taiwanese last year joined industry events in China, such as conferences and trade fairs, supported by the Chinese government, a study showed yesterday, as Beijing ramps up a charm offensive toward Taipei alongside military pressure. China has long taken a carrot-and-stick approach to Taiwan, threatening it with the prospect of military action while reaching out to those it believes are amenable to Beijing’s point of view. Taiwanese security officials are wary of what they see as Beijing’s influence campaigns to sway public opinion after Taipei and Beijing gradually resumed travel links halted by the COVID-19 pandemic, but the scale of
Pope Francis is be laid to rest on Saturday after lying in state for three days in St Peter’s Basilica, where the faithful are expected to flock to pay their respects to history’s first Latin American pontiff. The cardinals met yesterday in the Vatican’s synod hall to chart the next steps before a conclave begins to choose Francis’ successor, as condolences poured in from around the world. According to current norms, the conclave must begin between May 5 and 10. The cardinals set the funeral for Saturday at 10am in St Peter’s Square, to be celebrated by the dean of the College
TRADE: A mandatory declaration of origin for manufactured goods bound for the US is to take effect on May 7 to block China from exploiting Taiwan’s trade channels All products manufactured in Taiwan and exported to the US must include a signed declaration of origin starting on May 7, the Bureau of Foreign Trade announced yesterday. US President Donald Trump on April 2 imposed a 32 percent tariff on imports from Taiwan, but one week later announced a 90-day pause on its implementation. However, a universal 10 percent tariff was immediately applied to most imports from around the world. On April 12, the Trump administration further exempted computers, smartphones and semiconductors from the new tariffs. In response, President William Lai’s (賴清德) administration has introduced a series of countermeasures to support affected
RSS