BEIJING (AP) — Cyberattacks that stole massive amounts of information from military contractors, energy companies and other key industries in the U.S. and elsewhere have been traced to the doorstep of a Chinese military unit, a U.S. security firm alleged Tuesday. China dismissed the report as “groundless.”
China has frequently been accused of hacking, but the report by Virginia-based Mandiant Corp. contains some of the most extensive and detailed accusations to date linking its military to a wave of cyberspying against U.S. and other foreign companies and government agencies.
Mandiant said it traced the hacking back to a neighborhood in the outskirts of Shanghai that includes a drab, white 12-story office building run by “Unit 61398” of the People’s Liberation Army.
The unit “has systematically stolen hundreds of terabytes of data from at least 141 organizations,” Mandiant wrote. By comparison, the U.S. Library of Congress 2006-2010 Twitter archive of about 170 billion tweets totals 133.2 terabytes.
“From our observations, it is one of the most prolific cyberespionage groups in terms of the sheer quantity of information stolen,” the company said. It added that the unit has been in operation since at least 2006.
Mandiant said it decided that revealing the results of its investigation was worth the risk of the hackers changing their tactics and becoming even more difficult to trace.
“It is time to acknowledge the threat is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively,” it said.
Chinese Foreign Ministry spokesman Hong Lei did not directly address the claims, but when questioned on the report Tuesday, he said he doubted the evidence would withstand scrutiny.
“To make groundless accusations based on some rough material is neither responsible nor professional,” Hong told reporters at a regularly scheduled news conference.
In a reiteration of China’s standard response to such accusations, Hong said China strictly outlaws hacking and said the country itself was a major victim of such crimes, including attacks originating in the United States.
“As of now, the cyberattacks and cybercrimes China has suffered are rising rapidly every year,” Hong said.
Mandiant said its findings led it to alter the conclusion of a 2010 report it wrote on Chinese hacking, in which it said it was not possible to determine the extent of government knowledge of such activities.
“The details we have analyzed during hundreds of investigations convince us that the groups conducting these activities are based primarily in China and that the Chinese government is aware of them,” the company said in a summary of its latest report.
It said the hacking was traced to the 2nd Bureau of the People’s Liberation Army General Staff’s 3rd Department, most commonly known as unit 61398, in the Shanghai suburbs.
China’s Defense Ministry did not immediately respond to faxed questions about the report, although it has in the past labeled such allegations as groundless and irresponsible, and has demanded that evidence be presented.
News of the report spread Tuesday on the Chinese Internet, with many commentators calling it an excuse for the U.S. to impose greater restrictions to contain China’s growing technological prowess.