Tuesday, February 19, 2013
Unit 61398 - China's Computer Commandos
It's possibly the most successful unit in China's Peoples Liberation Army. Unit 61398 is believed to have hacked hundreds of terabytes of data from targets in Canada, the U.S. and Britain.
The report, by [U.S. security company] Mandiant, identified the People's Liberation Army's (PLA) Shanghai-based Unit 61398 as the most likely perpetrators of the hacking. The company said it believed the unit had carried out "sustained" attacks on a wide range of industries.
"The nature of Unit 61398's work is considered by China to be a state secret; however, we believe it engages in harmful computer network operations," Mandiant said. "It is time to acknowledge the threat that is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively."
Unit 61398 is based in the Pudong district, China's financial and banking hub, and is staffed by perhaps thousands of people proficient in English as well as computer programming and network operations, the report said.
It said the unit had "stolen hundreds of terabytes of data from at least 141 organisations across a diverse set of industries beginning as early as 2006". Most of the victims were located in the US, with smaller numbers in Canada and Britain. The information stolen included details on mergers and acquisitions and the emails of senior employees, the report said.
Among the information China is believed to have stolen are big chunks of computer code and other contractor data for the F-35 joint strike fighter. Chinese hackers reportedly made repeated forays into the computers of Lockheed and its British partner, BAE.