Mandiant says that a Shanghai-based group of hackers designated by the company as APT-1 "is likely government-sponsored and one of the most persistent of China's cyber threat actors"
BEIJING, CHINA: A US computer security company said the Chinese army is behind a series of cyber-attacks on American companies and institutions, a charge denied by the Chinese military on Wednesday.
A 60-page report released by US computer security company Mandiant says that a Shanghai-based group of hackers designated by the company as APT-1 "is likely government-sponsored and one of the most persistent of China's cyber threat actors".
APT-1 activities appear to coincide with those of People's Liberation Army Unit 61398, whose headquarters are in the Pudong district of Shanghai, Mandiant said. China's military Wednesday said the country's armed forces had never backed any hacking activities and denounced as "groundless both in facts and legal basis" Mandiant's report that it was behind cyber-attacks against US companies.
China's laws ban any activities disrupting cyber security and Chinese government always cracks down on cyber crimes, Geng Yansheng, spokesman with Ministry of National Defense, said at a briefing.
Though the US security company has been unable to directly trace APT-1 hackers to the Unit 61398 building, it believes there can be no other explanation for why so many attacks are launched from the same, relatively small area.
The attacks have been on the rise for two years, according to Mandiant, adding that cyber-strikes on least 20 sectors have been identified, from military contractors to chemical plants and including telecommunications companies.
Geng said Mandiant's report was groundless because the report came to the conclusion that the source of attack came from China only with the discovery that attacks were linked to IP addresses based in China, reported Xinhua.
First, as known to all, it is a common sense and method on the Internet to conduct hacking attacks by peculating IP addresses, the spokesman said. "It happens almost everyday."
Second, there has been no clear and consistent definition on cyber-attacks around the world. The report is lack of legal basis to assert cyber espionage only by collecting some routine cyber activities, Geng said.
Third, cyber-attack is transnational, anonymous and deceptive with its source often difficult to be identified. Releasing irresponsible information will not help solve problems, he said.