China's army may be behind a computer hacking group that hasattacked at least 141 companies worldwide since 2006, according toa report by a U.S. security firm.

The attacks, mainly directed at U.S. companies, were carried outby a group that is “likely government sponsored” and is similar “inits mission, capabilities, and resources” to a unit of the People'sLiberation Army, Mandiant Corp. said in a report today.

Mandiant said it traced the group, labeled Advanced PersistentThreat 1, to four large computer networks in Shanghai. Two of thenetworks serve the Pudong New Area district, where a secret armyunit called 61398 is based, the report said.

“It is time to acknowledge the threat is originating in China,”Alexandria, Virginia-based Mandiant said. “Our research andobservations indicate that the Communist Party of China is taskingthe Chinese People's Liberation Army to commit systematic cyberespionage and data theft against organizations around theworld.”

A recently prepared U.S. secret intelligence assessment,described Feb. 11 in the Washington Post, said the country'seconomy is endangered by a massive and prolonged computer-espionagecampaign from China. The New York Times also last month said itscomputer systems were breached by Chinese hackers, a claim Chinahas denied.

China's Foreign Ministry said today the country opposes computerhacking and that it is a victim of attacks. The U.S. is the biggestattacker of China's Internet, said Hong Lei, a spokesman for theministry. Making “unfounded accusations” is not conducive toresolving the issue, Hong said when asked about the report at aregular briefing today.

“It's inaccurate and unprofessional to accuse the Chinesemilitary of Internet attacks,” the Ministry of Defense said by faxtoday in response to a Bloomberg News request for comment on theMandiant report. “China's military has never supported hacking andthe country has always cracked down on relevant criminals.”

A spokesman for President Barack Obama's National SecurityCouncil said the U.S. has “substantial and growing concerns” aboutcyber threats, and the administration is aware of the MandiantTechnologies report and its contents.

Raising Concerns

“We have repeatedly raised our concerns at the highest levelsabout cyber theft with senior Chinese officials, including in themilitary, and we will continue to do so,” the spokesman, TommyVietor, said in an e-mail.

Vietor didn't draw a specific link between China and hackingattacks. “The U.S. and China are among the world's largest cyberactors and it is vital that we continue a sustained, meaningfuldialogue and work together to develop an understanding ofacceptable behavior in cyberspace,” he said.

Obama issued an executive order Feb. 12 directing the governmentto develop voluntary cyber-security standards for companiesoperating the nation's vital infrastructure, such as power gridsand air traffic control systems.

Bloomberg News reported in November that hackers from Chinabroke into computer systems at Coca-Cola Co. in 2009 and reportedin July that Chinese hackers targeted 20 organizations, includingthe European Union Council, while being monitored by securityresearchers in 2011.

Bloomberg's Dune Lawrence, while reporting on Chinese onlineespionage this month, also suffered a hacker attack that GoogleInc. said may have been state-sponsored.

APT1 has attacked companies in 20 major industries, and 87percent of the targets are based in countries where English is thefirst language, according to the Mandiant report. Targets werebased in countries including the U.S., Canada, the U.K., India andSingapore. Mandiant's research was reported earlier by the New York Times.

Bloomberg News

Copyright 2018 Bloomberg. All rightsreserved. This material may not be published, broadcast, rewritten,or redistributed.