An American security firm says it has pinpointed a prolific cyber espionage campaign that has stolen massive amounts of information from government departments, energy companies and journalists in an operation it alleges is run by the Chinese military.
In an unprecedented report, Virginia-based Mandiant Corp. alleges that the Chinese government is aware of ongoing cyber spying against the United States and other foreign companies and government agencies – targeting nearly 150 victims over seven years.
Mandiant said it traced the hacking back to a Shanghai suburb, in a drab, white, 12-storey office building run by "Unit 61398" of the People's Liberation Army.
The report, released Tuesday, states that out of the 141 hacking targets, 87 per cent have headquarters in English-speaking countries.
“It’s time to acknowledge the threat is originating in China,” reads the report. “Without establishing a solid connection to China, there will always be room for observers to dismiss (the threat) as uncoordinated, solely criminal in nature, or peripheral to larger national security and global economic concerns.”
Chinese Foreign Ministry spokesman Hong Lei did not directly address the claims, but when questioned about the report Tuesday, he said he doubted the evidence would withstand scrutiny.
"To make groundless accusations based on some rough material is neither responsible nor professional," Hong told reporters at a regularly scheduled news conference.
While China has frequently been accused of hacking, Tuesday’s report contains some of the most detailed and extensive accusations to date linking the attacks to the military.
In a 2010 report about Chinese hacking, Mandiant said it could not determine the extent of the government’s knowledge of the activities, but its analysis has since changed.
"The details we have analyzed during hundreds of investigations convince us that the groups conducting these activities are based primarily in China and that the Chinese government is aware of them," the company said in its latest report.
Mandiant alleges the cyber espionage campaign has had such an extensive run in large part because it receives direct government support, as Unit 61398 is staffed by hundreds, if not thousands of people.
The report states that once the hackers access the victim’s network, it’s revisited over several months, even years, while stealing technology blueprints, business plans, pricing documents, emails and contact lists.
The company said it understands the “downside” to publishing the information publicly.
“Many of the techniques and technologies described in this report are vastly more effective when attackers are not aware of them,” the report read. “We are acutely aware of the risk this report poses for us. We expect reprisals from China as well as an onslaught of criticism.”
News of the report spread Tuesday on the Chinese Internet, with many commentators calling it an excuse for the U.S. to impose greater restrictions to contain China's growing technological competency.