Kevin Mandia: Hackings On US Traced To China Military Unit

Kevin Mandia
Kevin Mandia

Cyber attacks on U.S. corporations, organizations and government agencies are largely coming from a 12-story tower in Shanghai that is home to a Chinese army unit, a U.S. computer security firm says in a study.

The New York Times reports Mandiant was not able to precisely place the hackers in the building, home to People's Liberation Army Unit 61398, but says there can be no other explanation for why so many attacks come from that area of the city.

Kevin Mandia, the founder and chief executive of Mandiant, told the Times the attacks either come from Unit 61398 or those in charge of China-based Internet networks do not know about how the attacks come from that neighborhood.

Mandia told the Times more than 90 percent of the 141 attacks the firm studied came from the same neighborhood as Unit 61398’s building and that area contained two Internet Protocol addresses used in the attacks.

Mandiant traced 3,000 addresses and other attack source indicators to the group it identified as Advanced Persistent Threat 1 and determined the evidence shows APT 1 is Unit 61398.

You may also be interested in...

Red Hat's David Egts: Open-Source Training, “˜Sense of Mission' Could Help Agencies Address Cyber Skills Gap

David Egts, chief technologist for Red Hat's North American public sector, has said there are several options …

HHS, Industry Aim to Help Health Organizations Mitigate Cyber Threats With New Publication

The Department of Health and Human Services has released a four-volume document that outlines 10 …

Cloud-Based Identity Tools, Mobile Device-Based Authentication Among Cyber Market Trends to Watch in 2019

Some of the trends in the cybersecurity market to watch in 2019 include the availability …