To no one’s real surprise, the culprit behind all the hackings against the United States is the Chinese Army. Specifically, they’re known as the ‘Comment Crew’ or ‘Shanghai Group’ (two rather non-intimidating names if you ask me) and they’re in P.L.A. Unit 61398, a 12-storey office tower located just outside of Shanghai. That little building is responsible for much of the cyber attacks against the US from China.
Mandiant, a security firm, has spent time analysing the Comment Crew’s work and have counted more than 140 attacks from the hacking group since 2006. The Comment Crew — which is apparently a different group to the one that attacked US media outlets — attacks critical infrastructure in the US—electrical power grid, gas lines, water, etc. They ain’t playing around.
Mandiant has discovered that tracing hacks of the Comment Crew (named such because they embed hidden code or comments into web pages) all pointed to the P.L.A Unit 61398 headquarters in the Pudong district of Shanghai. More than 90 per cent of the attacks that Mandiant has studied, come from IP addresses used in the same neighbourhood as P.L.A Unit 61398. That’s where the Chinese hackers are. That where the hacks are coming from. Mandiant sarcastically acknowledges that the only other possibility is:
“A secret, resourced organization full of mainland Chinese speakers with direct access to Shanghai-based telecommunications infrastructure is engaged in a multiyear enterprise-scale computer espionage campaign right outside of Unit 61398’s gates.”
The Chinese are denying that they have been hacking the US, claiming such an activity is illegal. Nevertheless, the Obama administration plans to inform China’s new leaders that the attacks have “become so intense that they threaten the fundamental relationship between Washington and Beijing”. Two heavyweights are going to butt heads because of hacking. Read the full report at the New York Times. [NYT]
Picture: New York Times