Computer security: A Chinese military unit has infiltrated a Luxembourg organisation as part of a massive electronic spying campaign against Western organisations, a US information security company has charged.
According to a US electronic security company, Mandiant, an unnamed organisation in Luxembourg has been successfully attacked by a “cyber espionage unit” named “APT1” which Mandiant said is affiliated with the Chinese military. This was part of systematic attacks against more than 100 Western organisations over several years by the unit, Mandiant claimed.
In its report, the security firm did not name any organisations whose IT systems had been breached. A spokeswoman for Mandiant told Delano that it would not reveal the identity of the organisation in Luxembourg “due to the privacy concerns of those impacted”.
The Luxembourg government was not the target of the attack, a spokesman for the state’s Computer Emergency Response Team informed Delano. The agency is responsible for cyberattacks against government agencies and infrastructure operators in Luxembourg, although not for IT networks elsewhere.
Indeed, the identity of the victim may never be known as there is no legal obligation to disclose such attacks and “usually targets are not so keen to have their names mentioned in public”, explained Ralf-Philipp Weinmann, a computer security researcher at the University of Luxembourg.
However Mandiant’s 74-page report did say that “of the 141 APT1 victims, 87% of them are headquartered in countries where English is the native language.”
The security firm said that over the past seven years it has observed attacks against 115 victims in the US, five in the UK, three each in India and Israel, two each in Singapore, Switzerland and Taiwan, and one each in Luxembourg, Belgium, France, Japan, Norway, South Africa and the UAE.
“These include international cooperation and development agencies, foreign governments in which English is one of multiple ofﬁcial languages, and multinational conglomerates that primarily conduct their business in English.”
Mandiant’s report also alleged that “the industries APT1 targets match industries that China has identiﬁed as strategic to their growth, including four of the seven strategic emerging industries that China identiﬁed in its 12th Five Year Plan” and that “APT1” is actually People’s Liberation Army “Unit 61398” based in suburban Shanghai.
The firm is based near Washington and gained notoriety earlier this month after the New York Times said Mandiant had obtained evidence that Chinese hackers had infiltrated the American newspaper’s computer network.
China denies responsibility
As of 8:00 on Thursday morning, neither the Chinese embassy in Luxembourg nor China’s foreign ministry in Beijing had not returned Delano’s messages seeking comment. However, the Chinese government and military have repeatedly refuted such allegations in the past.
On Tuesday the Washington Post quoted a Chinese defence ministry spokesperson as saying that “similar to other countries, China faces serious threats from cyberattack and is one of the main victims of cyberattacks in the world.” The spokesperson added: “the Chinese army never supported any hacking activities. The accusation that the Chinese military engaged in cyberattacks is neither professional nor in accordance with facts.”
The Post also quoted Chinese foreign ministry spokesman Hong Lei as saying: “hacking attacks are transnational and anonymous” and that “we don’t know how the evidence in this so-called report can be tenable.”