Unit 61398Independent research company Mandiant today published another study that says an attack is demonized and the ubiquitous “Chinese hackers” for U.S.

IT infrastructure. However, if you still have an investigation, revelations have been largely focused on some “Chinese hackers” that have been positioned as a “thing in itself”, the Mandiant openly suggesting a connection hackers and People’s Liberation Army of China.

According to the report, China’s military operates a so-called “Unit 61398”, engaged in the development and implementation of APT-attack (Advanced Persistent Threat) in the company’s report says that the authors believe the funding “61,398 units” of public money in China is in the unit interests of the Chinese state agencies. To implement the APT-attack unit has sufficient resources, capabilities and knowledge convinced Mandiant.

Mandiant investigation showed that physically “Unit 61398” is based in Pudong – a suburb of Shanghai. The division has its own headquarters area of ​​over 12,000 square meters. In Mandiant say that in China “Unit 61398” – is a state secret and not one of the official authorities did not recognize the existence of “61,398 units”, and do not tell anything about his activities. Similarly, a few decades ago, the U.S. acted against the agency NSA.

Meanwhile, Mandiant say “Unit 61398” not only specializes in industrial espionage, but do not hesitate to create a botnet with malware. Since 2006, the division was involved in the creation of several botnets, the organization APT-attacks by 141 companies in 20 areas. 87% of the attacked companies located in the U.S., Europe or Canada. The same countries are indicated for “61,398 units” as a strategic goal.

Inside the “Unit 61398”, there are several ways. One of these trends is organizing the constant attacks on the network targeted victims, but it does not collect data. Data collection and analysis takes a different direction. Earlier, China’s Defense Ministry as the main strategic objectives of “Unit 61398” put the theft of intellectual property, commercial and industrial secrets, test results, business plans and documents related to the activities of the companies, with the prices for the products, partnerships and other data that could to help Chinese manufacturers.

Recall that China has officially denied holding hackers and divisions “goskhakerov” stating that such actions are contrary to the law of the country. The Foreign Ministry of China has always maintained that China itself is a victim of hacking and local companies are constantly under attack from the outside.

Mandiant, detailed the allegations in a 60-page report: http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf

Related links: