Cyber-assault HQ: how US is under attack from this office in Shanghai

Online security firm traces breaches to building occupied by Chinese military

A barrage of malicious cyber-attacks against computer networks in the United States and other countries over several years has been sourced by a private US security firm to a single building on the fringes of Shanghai, which, it says, is occupied by the Chinese military.

A 60-page report released by Mandiant, a Virginia-based firm that specialises in cyber-espionage, concludes that hundreds or perhaps thousands of English-speaking Chinese computer experts toil daily inside the anonymous-looking 12-storey building in the Pudong district of Shanghai. ‘Unit 61398’, as it is known, hacks into foreign networks on behalf of the People’s Liberation Army (PLA), Mandiant alleges.

“The nature of Unit 61398’s work is considered by China to be a state secret; however, we believe it engages in harmful computer network operations,” the security firm said in the report, which drew instant rebukes from the Chinese government. “It is time to acknowledge the threat that is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively.”

The company asserted that the unit, one of several in China believed to be involved in invading overseas computer systems, had “stolen hundreds of terabytes of data from at least 141 organisations across a diverse set of industries beginning as early as 2006”.  While most of the activity targeted corporations in the United States are smaller number is located in Canada and Britain, it said.

Cyber-espionage is becoming an increasingly urgent worry in Washington.  The concern is not just that China, as well any number of other countries, is successfully stealing corporate information – for example merger plans, design blueprints, pricing documents or negotiating strategies – but that it is developing the capacity to sabotage physical infrastructure networks in the US like gas pipelines or power grids.

“In the cold war, we were focused every day on the nuclear command centres around Moscow,” one senior defence official was cited as saying by the New York Times, which first revealed the contents of the Mandiant report. “Today, it’s fair to say that we worry as much about the computer servers in Shanghai.”

President Barack Obama included a call to arms to confront the cyber-threat in his State of the Union address last week.  “We know foreign countries and companies swipe our corporate secrets,” he said. “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air-traffic control systems. We cannot look back years from now and wonder why we did nothing.”

Beijing continues to deny sanctioning such activity. “Hacking attacks are transnational and anonymous,” foreign ministry spokesman Hong Lei said.  “Determining their origins are extremely difficult. We don’t know how the evidence in this so-called report can be tenable.” When BBC journalists approached the building they were briefly detained and forced to relinquish their footage.

Unit 61398 has been known both to private cyber-security firms as well as US intelligence for a while and is sometimes referred as the ‘Comment Crew’ because it has been known to infiltrate online forums and leave comments.  The Mandiant report does not name any victims but says that the 141 companies already infiltrated span 20 major industries.

American companies known to have been targeted by Comment Crew, however, include Coca Cola at a time when it was considering a take-over of a Chinese juice company and RSA, a technology company that creates computer codes to protect confidential corporate and government databases. Alarm bells sounded last September when a unit of Telvent which supplies equipment enabling utility companies remotely to operate valves and switches on gas and oil networks had been invaded by unidentified cyber-intruders.

Responding to the report, White House spokeswoman Caitlin Hayden reiterated only that the United States “has substantial and growing concerns about the threats to U.S. economic and national security posed by cyber intrusions, including the theft of commercial information.” 

The Mandiant report acknowledges that while it has traced assorted cyber-intrusions to servers precisely in the rather run-down district of Pudong where the building occupied by Unit 61398 stands, it cannot be certain they are actually within its walls.  But to suppose they are not is barely plausible, the firm says.

Start your day with The Independent, sign up for daily news emails
Have you tried new the Independent Digital Edition apps?
ebooks
ebooksAn introduction to the ground rules of British democracy
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
SPONSORED FEATURES
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs General

Recruitment Genius: Sales Executive or Senior Sales Executive - B2B Exhibitions

£18000 - £30000 per annum: Recruitment Genius: A Sales Executive or Senior Sal...

Recruitment Genius: Head of Support Services

£40000 - £55000 per annum: Recruitment Genius: This is an exciting opportunity...

Recruitment Genius: Warehouse Team Leader

£22000 per annum: Recruitment Genius: This industry leading company produces h...

Recruitment Genius: Business Development Manager / Sales - OTE £40,000

£20000 - £40000 per annum: Recruitment Genius: This IT provider for the educat...

Day In a Page

A nap a day could save your life - and here's why

A nap a day could save your life

A midday nap is 'associated with reduced blood pressure'
If men are so obsessed by sex, why do they clam up when confronted with the grisly realities?

If men are so obsessed by sex...

...why do they clam up when confronted with the grisly realities?
The comedy titans of Avalon on their attempt to save BBC3

Jon Thoday and Richard Allen-Turner

The comedy titans of Avalon on their attempt to save BBC3
The bathing machine is back... but with a difference

Rolling in the deep

The bathing machine is back but with a difference
Part-privatised tests, new age limits, driverless cars: Tories plot motoring revolution

Conservatives plot a motoring revolution

Draft report reveals biggest reform to regulations since driving test introduced in 1935
The Silk Roads that trace civilisation: Long before the West rose to power, Asian pathways were connecting peoples and places

The Silk Roads that trace civilisation

Long before the West rose to power, Asian pathways were connecting peoples and places
House of Lords: Outcry as donors, fixers and MPs caught up in expenses scandal are ennobled

The honours that shame Britain

Outcry as donors, fixers and MPs caught up in expenses scandal are ennobled
When it comes to street harassment, we need to talk about race

'When it comes to street harassment, we need to talk about race'

Why are black men living the stereotypes and why are we letting them get away with it?
International Tap Festival: Forget Fred Astaire and Ginger Rogers - this dancing is improvised, spontaneous and rhythmic

International Tap Festival comes to the UK

Forget Fred Astaire and Ginger Rogers - this dancing is improvised, spontaneous and rhythmic
War with Isis: Is Turkey's buffer zone in Syria a matter of self-defence – or just anti-Kurd?

Turkey's buffer zone in Syria: self-defence – or just anti-Kurd?

Ankara accused of exacerbating racial division by allowing Turkmen minority to cross the border
Doris Lessing: Acclaimed novelist was kept under MI5 observation for 18 years, newly released papers show

'A subversive brothel keeper and Communist'

Acclaimed novelist Doris Lessing was kept under MI5 observation for 18 years, newly released papers show
Big Blue Live: BBC's Springwatch offshoot swaps back gardens for California's Monterey Bay

BBC heads to the Californian coast

The Big Blue Live crew is preparing for the first of three episodes on Sunday night, filming from boats, planes and an aquarium studio
Austin Bidwell: The Victorian fraudster who shook the Bank of England with the most daring forgery the world had known

Victorian fraudster who shook the Bank of England

Conman Austin Bidwell. was a heartless cad who carried out the most daring forgery the world had known
Car hacking scandal: Security designed to stop thieves hot-wiring almost every modern motor has been cracked

Car hacking scandal

Security designed to stop thieves hot-wiring almost every modern motor has been cracked
10 best placemats

Take your seat: 10 best placemats

Protect your table and dine in style with a bold new accessory