There is growing evidence that Chinese Army backed cyber-warriorsÂ are behind numerous cyber attacks onÂ theÂ US. The PLA is donkey deep in the murk.
Perhaps it is time we re-visited that Huawei decision:
On the outskirts of Shanghai, in a run-down neighborhood dominated by a 12-story white office tower, sits a Peopleâ€™s Liberation Army base forÂ Chinaâ€™s growing corps of cyberwarriors.
The building off Datong Road, surrounded by restaurants, massage parlors and a wine importer, is the headquarters of P.L.A. Unit 61398. A growing body of digital forensic evidence â€” confirmed by American intelligence officials who say they have tapped into the activity of the army unit for years â€” leaves little doubt that an overwhelming percentage of the attacks on American corporations, organizations and government agencies originate in and around the white tower.
An unusually detailedÂ 60-page study, to be released Tuesday by Mandiant, an American computer security firm, tracks for the first time individual members of the most sophisticated of the Chinese hacking groups â€” known to many of its victims in the United States as â€śComment Crewâ€ť or â€śShanghai Groupâ€ť â€” to the doorstep of the military unitâ€™s headquarters. The firm was not able to place the hackers inside the 12-story building, but makes a case there is no other plausible explanation for why so many attacks come out of one comparatively small area.Â
â€śEither they are coming from inside Unit 61398,â€ť said Kevin Mandia, the founder and chief executive of Mandiant, in an interview last week, â€śor the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.â€ť
Other security firms that have tracked â€śComment Crewâ€ť say they also believe the group is state-sponsored, and a recent classifiedÂ National Intelligence Estimate, issued as a consensus document for all 16 of the United States intelligence agencies, makes a strong case that many of these hacking groups are either run by army officers or are contractors working for commands like Unit 61398, according to officials with knowledge of its classified content.