Tuesday, May 20, 2014

China's shadowy 'cyberspying' unit




  • Shadowy PLA unit coded as 61398 could be responsible for cyber espionage

  • U.S.-based security firm Mandiant studied hacking activity originating from China over a six-year period

  • Mandiant says it has details on the what, where, who, and how of unit 61398

  • Chinese authorities deny any connection between the military and cyber espionage



(CNN) — “UglyGorilla,” “KandyGoo,” and “WinXYHappy” are some of the aliases used by the Chinese accused of hacking U.S. companies on Monday.


The men behind these handles are officers of the People’s Liberation Army (PLA) under a unit known simply by the code 61398.


Little is confirmed about the mysterious unit 61398, a section that the Chinese authorities have not officially acknowledged. The Chinese defense ministry said the country’s military “has never supported any hacker activities.”


But the U.S. indictment notice pinpoints a non-descript building on Datong Road in Shanghai’s Pudong District as one of the locations for unit 61398′s alleged cyber espionage activities.






The Shanghai building allegedly home to a part of the PLA's unit 61398. The Shanghai building allegedly home to a part of the PLA’s unit 61398.




The Shanghai building allegedly home to a part of the PLA's unit 61398.The Shanghai building allegedly home to a part of the PLA’s unit 61398.




When CNN tried to visit the building last year, our correspondents were chased away by security guards, as seen in the video above.


What is unit 61398 and what do they do? U.S.-based Internet security firm Mandiant released a



U.S. vulnerable to Chinese cyberspies?




Chinese accused of hacking US secrets




Snowden: U.S. hacked targets in China


According to Mandiant’s document and the U.S. indictment, here’s what we know about the secret division.


Capable


Mandiant says unit 61398 is also known as the “comment crew,” and has systematically stolen hundreds of terabytes of data from at least 141 organizations across 20 industries worldwide since as early as 2006.


Large


Mandiant estimates that more than 1,000 servers are being used by unit 61398.


The security firm believes the unit employs anywhere from hundreds to thousands of staff. A look at the physical size of the building in Shanghai — 12 floors high, with more than 130,000 square feet of space — suggests the unit could house around 2,000 people.


Focused


Mandiant observed 141 companies targeted by unit 61398, out of which 115 were in the United States. These were blue-chip companies in important industries such as aerospace, satellite and telecommunications, and information technology — strategic industries that were identified in China’s



Incoming Search Terms:
China's shadowy 'cyberspying' unit
'cyberspying', China's, shadowy, unit

Like the Post? Do share with your Friends.

IconIconIconFollow Me on Pinterest

What's Hot

Powered By Blogger Premium Theme By Lord HTML