
Security firm Mandiant has released a damning report offering unprecedented evidence, including screen capture video, of the actions of an alleged Chinese military-backed hacking group.
The report, titled “APT1: Exposing One of China’s Cyber Espionage Units”, tracks the cyber espionage group dubbed Advanced Persistent Threat 1 as far back as 2006.
“Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China’s cyber threat actors,” Mandiant wrote.
More specifically, the group is believed to be the 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department, also known as Unit 61398.
Appendices attached to the report include thousands of indicators of APT1’s methods, including domain names and IP addresses.
Working off an advance copy of the report, The New York Times followed the trail to buildings in Shanghai believed to house the unit. When the Times encountered persistent attacks from Chinese hackers last year, it worked with Mandiant to monitor and block the intrusions.
While Chinese officials have dismissed the claims of state-sponsored hacking as “groundless”, numerous media organizations, including Bloomberg and The Wall Street Journal, and companies have come forward to state that they faced similar attacks.
The PLA has long been suspected of orchestrating complicated cyber-attacks against foreign governments and corporations, but public evidence backing up those suspicions has been lacking. As such, Mandiant’s report stands as some of the most compelling proof of the Chinese hacking apparatus available to civilians.
If you’re interested in reading the full report, you can access it here.