Chinese military engaged in cyber espionage campaign: Report
These operators, like soldiers, may merely be following orders given to them by others," Mandiant said.
Releasing the findings of its investigations, Mandiant said the nature of 'Unit 61398' work is considered by China to be a state secret; however, we believe it engages in harmful "Computer Network Operations".
"We estimate that Unit 61398 is staffed by hundreds, and perhaps thousands of people based on the size of Unit 61398's physical infrastructure," the report alleged adding that the China Telecom provided special fiber optic communications infrastructure for the unit in the name of national defence.
Unit 61398 requires its personnel to be trained in computer security and computer network operations and also requires its personnel to be proficient in the English language.
Mandiant has traced APT1's activity to four large networks in Shanghai, two of which serve the Pudong New Area where Unit 61398 is base, it said According to the report, since 2006, Mandiant has observed APT1 compromise 141 companies spanning 20 major industries.
"The sheer scale and duration of sustained attacks against such a wide set of industries from a singularly identified group based in China leaves little doubt about the organisation behind APT1. We believe the totality of the evidence we provide in this document bolsters the claim that APT1 is Unit 61398," it said.
The report, for the first time, has revealed three personas that are associated with APT1 activities – UglyGorilla, DOTA and SuperHard.
Be the first to comment.