China military says a report linking it to prolific hacking of US targets is flawed. In a statement, the Defence Ministry said the report lacked “technical proof” when it used IP addresses to link hacking to a military unit. The report identified a Shanghai high-rise used by the military as the likely home of a hackers to whom it attributed multiple attacks on US companies.
The US says it has repeatedly raised concerns with China about cyber theft. The Chinese ministry statement, posted on its website, said that many hacking attacks were carried out using hijacked IP addresses. There was no clear definition of what constituted a hacking attack, it went on, and as it was a cross-border, deceptive business, it was hard to pin down where attacks originated. It suggested that the “everyday gathering” of online information was being wrongly characterised as spying.
The detailed report, released on Tuesday by US-based computer security company Mandiant, looked at hundreds of data breaches, most of which it attributed to what it termed “Advanced Persistent Threat” actors. The details it had uncovered, it said, showed that these groups were based primarily in China and that the Beijing government was aware of them. The most prolific of these actors was APT1, Mandiant said, describing it as “one of the most prolific cyber espionage groups in terms of the sheer quantity of information stolen”. The firm said it had traced the hacking activities of APT1 to a Shanghai building. Unit 61398 of the People’s Liberation Army “is also located in precisely the same area” and the actors had similar “missions, capabilities and resources”, it added.
APT1, it said, was staffed by hundreds of proficient English speakers. It had hacked into 141 companies across 20 industries, stealing information including blueprints, business plans, pricing documents, user credentials, emails and contact lists. Spokesman Jay Carney said the White House was “aware” of the Mandiant report and its contents. While not commenting directly, he described cyber espionage as a “very important challenge”. “We have repeatedly raised our concerns at the highest levels about cyber-theft with senior Chinese officials including in the military and we will continue to do so,” he said.
State Department spokeswoman Victoria Nuland, meanwhile, said that the issue came up “in virtually every meeting we have with Chinese officials”. “We consider this kind of activity a threat not only to our national security but also to our economic interests and [we are] laying out our concerns specifically so that we can see if there’s a path forward,” she said. China has long been suspected of a role in cyber hacking. But the issue has become more high-profile in recent months following widely reported hacks into media outlets including the New York Times – in that case apparently linked to a report by the paper on the wealth of relatives of outgoing Premier Wen Jiabao. The Chinese Defence Ministry statement pointed out that China was also a victim of hacking attacks. A Global Times editorial accused the US and its major allies of hyping up a China hacking “threat”. “China should refute the allegations of US company Mandiant with authoritative reports from its technology sector,” it said. “As a long-term counter-measure, China needs to encourage those institutions and individuals who have been subject to cyber-attacks from US IP addresses to stand up and tell the world what happened to them.”