Mandiant say thousands of cyber attacks have come from one neighborhood near Shanghai
The espionage group mainly targeted U.S. blue chip companies in 20 separate industries
Mandiant VP Grady Summers says diplomatic pressure is needed on Beijng from Washington
The Chinese government is sponsoring cyber-espionage to attack top U.S. companies, according to Grady Summers, vice president of security firm Mandiant.
Virginia-based Mandiant published a 60-page report detailing allegations over a six-year period against a group of hackers – known as Comment Crew – which Summers linked to a secret division of the Chinese military.
Summers told CNN: “China is attacking the U.S. on a scale like we’ve never seen before… We believe that the Communist Party of China is very aware of this.”
Mandiant says the activity can be traced to four networks near Shanghai – with some operations taking place in a location that is also the headquarters of Unit 61398, the secret military division.
Summers added: “Never before have we seen one state-sponsored entity like unit 61398 of the Chinese PLA attacking helpless commercial organizations in other countries.”
The espionage group mainly targeted U.S. blue chip companies in 20 separate industries from aerospace to financial services.
“It’s really a who’s who of American companies. Of 140 victims worldwide, 115 of them were in the U.S.,” Grady said.
Chinese foreign ministry spokesman Hong Lei dismissed the hacking charges on Tuesday, insisting that China is the victim of many cyberattacks – most originating in the United States.
“Making baseless accusations based on premature analysis is irresponsible and unprofessional,” he said. “China resolutely opposes any form of hacking activities.”
Earlier this month, President Obama signed an executive order designed to address the country’s most basic cybersecurity needs – and highlighted the effort in his State of the Union address.
Summers says a cyber offence by the U.S. is not an appropriate response to the attacks as “it creates more problems than it solves.”
Instead, he advocates better defense systems in organizations that are vulnerable to cyber attacks and diplomatic pressure from Washington on Beijing.
The Mandiant report details 3,000 technical indicators including IP addresses, domain names and encryption certificates, that can be used to strengthen companies’ defenses.