Shanghai Government Hacking Based Exposed

Pedestrians walk past the headquarters for the secretive PLA Unit 61398 on the outskirts of Shanghai.
Pedestrians walk past the headquarters for the secretive PLA Unit 61398 (centre) on theoutskirts of Shanghai. Photo: CARLOS BARRIA/REUTERS

(A key military base used by the Chinese to hack into the computer networks of foreign governments and companies has allegedly been uncovered in Shanghai. It may look like any other Shanghai office building, but experts believe this 12-floor tower is actually the nerve centre of one of the world’s most dangerous military cyber-hacking operations.

For the first time, American computer analysts have traced over a hundred attacks on government departments, companies and journalists to this one site around 40 minutes outside Shanghai’s city centre, reportedly the headquarters of People’s Liberation Army Unit 61398.

In a 60-page report, Mandiant, a computer security company, said it believed that a hacking network named the “Comment Crew” or the “Shanghai Group” operated from the compound.

It said there were “hundreds, and perhaps thousands of people” working inside to breach the security not only of global corporations, but also of foreign power grids, gas lines and waterworks.

While the inner-sanctums of the Shanghai PLA base are off-limits to outsiders, the existence of the military compound is no secret in what is a bustling residential neighbourhood.

There is no sign identifying the PLA base by name but clear orders have been placed outside – in Chinese and English. “Restricted military area. No photographing or filming.” Men in PLA uniform guarded the entrance.

Large propaganda posters are pinned to walls around the base between Shanghai’s Datong and Tonggang roads. “Everyone has the duty to defend our country and our home!” reads one poster, featuring a group of young soldiers crawling through mud.

Another poster shows a line of PLA tanks and four fighter jets and is emblazoned with the slogan: “Security and peace protects hundreds of thousands of households!”

Opposite the building identified by Mandiant is a street of hardware shops and a salon carrying a bright pink sign with the name: “Slender Beauty.”

Next door, a residential compound for military families greets visitors with a plaque reading: “Be faithful and loyal to the Party. Love the people. Dedicate yourself to the cause.”

On Tuesday afternoon, a woman who identified herself as a member of ‘Unit 61398’ but refused to produce any identification reprimanded the Daily Telegraph for taking notes on a nearby street corner.

Men who appeared to be undercover security agents photographed reporters outside the base’s main entrance and people carriers with blacked-out windows patrolled nearby streets.

While Mandiant could not trace the hacking attacks to inside the building, the company’s chief executive, Kevin Mandia, told the New York Times: “Either they are coming from inside Unit 61398 or the people who run the most controlled, most monitored internet networks in the world are clueless about thousands of people generating attacks from this one neighbourhood.”

Recent months have seen a succession of media groups, including the New York Times, the Washington Post and the Wall Street Journal report that hackers, with alleged ties to the PLA, had invaded or attempted to compromise their systems.

The Mandiant report claimed that hackers who appeared to be working out of the Shanghai PLA unit had launched over 140 attacks since 2006, stealing “hundreds of terabytes of data”. Most of the targets were in the United States although some were in the UK.

The report is the most concrete confirmation yet that the wave of cyber-attacks emanating from China is sponsored, at least in part, by the Chinese government.

However, a spokesman for the Chinese Foreign ministry dismissed the allegations as “groundless” in a regular press briefing. In the past, the People’s Daily, the mouthpiece of the Communist party, has accused the US of sensationalising China’s cyber threat as an excuse to expand its own “internet army”.

In his recent State of the Union address, US president Barack Obama warned of the threat to the United States from foreign hackers.

“We know hackers steal people's identities and infiltrate private e-mail. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air-traffic control systems. We cannot look back years from now and wonder why we did nothing.”

Read More - Click Here!