It had been three months since regular cyberattacks aimed at gaining information from U.S. companies and government agencies were traced to the Chinese military. Some commentators thought that the naming in the U.S. media of the PLA unit linked to a spate of attacks (including against the AP and the New York Times) had pushed the Chinese hackers into inaction. However, according to the Times Monday, “Unit 61398, whose well-guarded 12-story white headquarters on the edges of Shanghai became the symbol of Chinese cyberpower, is back in business, according to American officials and security companies.”
Chinese officials have continuously denied that their military is connected to cyberattacks against the U.S., while the White House has warned China against continued data theft attacks.
Via the Times:
It is not clear precisely who has been affected by the latest attacks. Mandiant, a private security company that helps companies and government agencies defend themselves from hackers, said the attacks had resumed but would not identify the targets, citing agreements with its clients. But it did say the victims were many of the same ones the unit had attacked before.
The hackers were behind scores of thefts of intellectual property and government documents over the past five years, according to a report by Mandiant in February that was confirmed by American officials. They have stolen product blueprints, manufacturing plans, clinical trial results, pricing documents, negotiation strategies and other proprietary information from more than 100 of Mandiant’s clients, predominantly in the United States.