mead cohen berger shevtsova garfinkle michta grygiel blankenhorn
No Truce in US-China Cyberwar


They’re baaaaaack!

The infamous Chinese hacking group Unit 61398 is once again on the offensive after a few quiet weeks. The PLA-guided hackers were fingered by Washington for dozens of sophisticated hack attacks against targets in the West earlier this year. Now Mandiant, the computer security firm that first exposed Unit 61398, says the hackers are at it again. The NYT reports:

It is not clear precisely who has been affected by the latest attacks. Mandiant…said the attacks had resumed but would not identify the targets, citing agreements with its clients. But it did say the victims were many of the same ones the unit had attacked before….

Mandiant said that the Chinese hackers had stopped their attacks after they were exposed in February and removed their spying tools from the organizations they had infiltrated. But over the past two months, they have gradually begun attacking the same victims from new servers and have reinserted many of the tools that enable them to seek out data without detection. They are now operating at 60 percent to 70 percent of the level they were working at before, according to a study by Mandiant requested by The New York Times.

This will likely mark a low point in the recent period of friendliness between the Chinese and American militaries, which we wrote about here. Hack attacks like those waged by Unit 61398 don’t help the world’s two most important militaries remain rivals, not enemies. But as the head of Mandiant told the Times, “I think you have to view this as the new normal.”

[Dragon image and cyber background courtesy of Shutterstock]

Features Icon
show comments
© The American Interest LLC 2005-2016 About Us Masthead Submissions Advertise Customer Service