China disowns cyber attacks

Posted at 02/19/2013 9:00 PM | Updated as of 02/20/2013 9:22 PM

BEIJING - China on Tuesday dismissed a report by a U.S. computer security company that accused a secretive Chinese military unit of being behind a prolific series of hacking attacks.

The report by Mandiant identified the People's Liberation Army Unit 61398 based in Shanghai as the most likely driving force behind the hacking.

Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries.

Unit 61398 is located in Shanghai's Pudong district, China's financial and banking hub, and is staffed by perhaps thousands of people proficient in English as well as computer programming and network operations, Mandiant said in its report.

The unit had stolen "hundreds of terabytes of data from at least 141 organisations across a diverse set of industries beginning as early as 2006", it said.

Most of the victims were located in the United States, with smaller numbers in Canada and Britain. The information stolen ranged from details on mergers and acquisitions to the emails of senior employees, the company said.

The Chinese Foreign Ministry said it had doubts about the evidence provided in the report.

"We have stressed many times that hacking attacks are transnational and anonymous. Determining their origins is extremely difficult. We don't know how the evidence in this so-called report can be tenable," Foreign Ministry spokesman Hong Lei told a regular news conference in Beijing.

"Internet hacking attacks are an international problem that should be resolved on the basis of mutual trust and respect and international cooperation. Continuous criticism based on rudimentary data is irresponsible, unprofessional an not helpful in resolving the issue," he added.

Hong also reiterated the Chinese government's firm opposition to hacking.

"China firmly opposes hacking, has implemented relevant laws and regulations, and adopted strict enforcement measures to prevent hacking activities. China is also a victim of Internet hacking attacks," he said.

Though privately held and little known to the general public, Mandiant is one of a handful of U.S. cyber-security companies that specialise in attempting to detect, trace and prevent the most advanced hacking attacks, rather than the routine viruses and intrusions that befoul corporate networks on a daily basis.

U.S. officials have complained in the past to China about sanctioned trade-secret theft, but have had limited public records to point to.

The Mandiant report comes a week after U.S. President Barack Obama issued a long-awaited executive order aimed at getting the private owners of power plants and other critical infrastructure to share data on attacks with officials and to begin to follow the latest best practices on security.