Last week, information security company Mandiant released a report on China’s hacking and cyber spying that showed strong evidence that the Chinese Communist Party’s military—the PLA—is responsible for more than 100 attacks on US corporations, organizations, and even government agencies. The report traced a well-known group of hackers to Unit 61398 of the PLA, which is based in Shanghai.
The Mandiant report analyzes seven years of attacks and shows that the Chinese military has stolen data from these companies and organizations over the course of months, and in some cases, years. And it also shows that attacks have ramped up in the last two years, and have targeted critical US infrastructure such as power grids and oil pipelines.
With the increasing visibility of China’s cyber spying, will Chinese authorities continue to deny their involvement? In a factionalized Party, is the Chinese military spearheading these attacks, or is the order coming from the top levels of the ruling Politburo Standing Committee? And what is China’s hacking strategy, and will it change as more evidence like the Mandiant report comes to light?