Skip to main content

Chinese cyber attacks tracked to Shanghai military base

An “overwhelming percentage” of US-targeted cyber attacks that originated in China have been traced to a Chinese military location in Shanghai, the New York Times has reported, citing a 60-page study published by computer security firm Mandiant.

The location is a 12-story building serving as a People’s Liberation Army base, from which Mandiant suggests a growing body of hackers affiliated with cyber crews such as “Shanghai Group” and “Comment Crew” are orchestrating digital attacks against American companies and government entities. Though researchers could not confirm that the hackers were based in the building, known as Unit 61398, Mandiant posits that the fact that so many attacks originate in one Shanghai neighbourhood suggest it’s likely.

“Either they are coming from inside Unit 61398 or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood,” Kevin Mandia, Mandiant’s founder and CEO, told the New York Times.

Reports from other security firms corroborate Mandiant’s claim that Comment Crew is a state-sponsored hacking group, with a recent US government study argues the hackers are led by Chinese military personnel.

The groups have carried out increasingly sophisticated hacks and shifted from US corporations to critical infrastructure as the targets of its attacks. Accordingly, President Obama last week signed an executive order granting government intelligence agencies the power to exchange details about cybersecurity threats with private companies.

The White House has also made strides to beef up its cyber warfare policy, with a recent legal review revealing that President Obama has the power to launch pre-emptive cyber attacks against foreign enemies believed to be plotting major attacks against the US.

China has maintained its innocence in the matter, with officials at the Chinese embassy in Washington, DC insisting their government does not condone or perpetrate computer hacking.

Image Credit: Mandiant