Mandiant, a security company, identified in a report that China’s Shanghai-based People’s Liberation Army unit has been found to be the most likely driving force behind the cyberattacks that stole sensitive information from military contractors, energy companies and other key industries in the U.S.


“The nature of ‘Unit 61398’s’ work is considered by China to be a state secret; however, we believe it engages in harmful ‘Computer Network Operations’,” Mandiant said in a report released in the United States on Monday.

According to the report, the Chinese government is directly funding numerous cyberattacks against western companies and defense groups in the U.S.

“It is time to acknowledge the threat is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively,” the report said.

In response to the allegations by Virginia based Mandiant Corp., China has issued a flat dismissal of the report as unprofessional and regarded all the allegations as “groundless”.

“Hacking attacks are transnational and anonymous. Determining their origins are extremely difficult. We don’t know how the evidence in this so-called report can be tenable,” spokesman Hong Lei told a daily news briefing.

Firmly rejecting any kind of involvement in the past cyberattacks, the Defense Ministry of China said: “The Chinese government has always firmly combated such activities and the Chinese military has never supported any form of hacking activity,” the ministry said. “Statements to the effect that the Chinese military takes part in Internet attacks are unprofessional and are not in accordance with the facts.”

Mandiant writes that the Shanghai-based unit has compromised the networks of at least 141 companies in America, Canada and U.K. The majority of the attacks were targeted towards companies in the United States.

“Unit 61398” had stolen  “hundreds of terabytes of data from at least 141 organizations across a diverse set of industries beginning as early as 2006”, the report said.

“From our observations, it is one of the most prolific cyberespionage groups in terms of the sheer quantity of information stolen,” the company said.

Endorsing the findings of the security report by Mandiant, Ferguson told the Guardian that the evidence collected by the company over a prolonged period of time pointed very strongly towards the obvious involvement of China in the recent cyber attacks in U.S., Canada and U.K.