Cyber Spying: China’s “Unit 61398” Traced

An IDG News Service article reports that security company Mandiant’s recent report identified a cyber spying group linked to the Chinese People’s Liberation Army as responsible for Internet attacks on computers at 141 companies spanning 20 major industries, mostly in countries where English is the native language.

The group uses a form of attack called an advanced persistent threat, or APT, to steal confidential documents, company secrets, product designs, and other closely held information. This attack method has also been used to steal secrets from government agencies.

An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization. APT attacks target organizations in sectors with high-value information, such as national defense, manufacturing and the financial industry.

“China’s Foreign Ministry said on Tuesday the nation is firmly opposed to hacking, and has supported regulation to prevent cyberattacks. The government has previously denied accusations that Chinese hackers attacked major newspapers.

The country has also been the victim of hacking, with the number one origins for those attacks coming from the U.S., said ministry spokesman Hong Lei during a press conference.”

Mandiant’s report states that an Advanced Persistent Threat group it called APT1 was one of the most persistent of China’s cyberthreat actors because of its likely government support.

“In seeking to identify the organization behind this activity, our research found that People’s Liberation Army (PLA’s) Unit 61398 is similar to APT1 in its mission, capabilities, and resources,” Mandiant said in its report. “PLA Unit 61398 is also located in precisely the same area from which APT1 activity appears to originate.”

The seriousness of this type of cybercrime was illustrated by U.S. Secretary of Defense Leon E. Panetta when he stated that the country is on the verge of a cyber Pearl Harbor, a reference to Japan’s attack on the U.S. naval base at Pearl Harbor, Hawaii at the beginning of World War II. See Warning: Cyber-Pearl Harbor Attack on U.S.

Reference: IDG article

Be very careful…it’s dangerous out there.


Remember, personal computing is a blast…keep it productive and enjoyable.

Best regards,



I’m also on Twitter, @PaulsInternet.
