tsr pkg todd china hacking us companies_00024618.jpg
How the reported Chinese hackers worked
02:52 - Source: CNN

Story highlights

Mandiant say thousands of cyber attacks have come from one neighborhood near Shanghai

The espionage group mainly targeted U.S. blue chip companies in 20 separate industries

Mandiant VP Grady Summers says diplomatic pressure is needed on Beijng from Washington

The Chinese government is sponsoring cyber-espionage to attack top U.S. companies, according to Grady Summers, vice president of security firm Mandiant.

Virginia-based Mandiant published a 60-page report detailing allegations over a six-year period against a group of hackers – known as Comment Crew – which Summers linked to a secret division of the Chinese military.

Summers told CNN: “China is attacking the U.S. on a scale like we’ve never seen before… We believe that the Communist Party of China is very aware of this.”

Read more: Have the courage to deal with cyber war

Mandiant says the activity can be traced to four networks near Shanghai – with some operations taking place in a location that is also the headquarters of Unit 61398, the secret military division.

Summers added: “Never before have we seen one state-sponsored entity like unit 61398 of the Chinese PLA attacking helpless commercial organizations in other countries.”

Read more: Chinese cyber attacks on West are widespread, experts say

The espionage group mainly targeted U.S. blue chip companies in 20 separate industries from aerospace to financial services.

“It’s really a who’s who of American companies. Of 140 victims worldwide, 115 of them were in the U.S.,” Grady said.

Chinese foreign ministry spokesman Hong Lei dismissed the hacking charges on Tuesday, insisting that China is the victim of many cyberattacks – most originating in the United States.

“Making baseless accusations based on premature analysis is irresponsible and unprofessional,” he said. “China resolutely opposes any form of hacking activities.”

Earlier this month, President Obama signed an executive order designed to address the country’s most basic cybersecurity needs – and highlighted the effort in his State of the Union address.

Summers says a cyber offence by the U.S. is not an appropriate response to the attacks as “it creates more problems than it solves.”

Instead, he advocates better defense systems in organizations that are vulnerable to cyber attacks and diplomatic pressure from Washington on Beijing.

The Mandiant report details 3,000 technical indicators including IP addresses, domain names and encryption certificates, that can be used to strengthen companies’ defenses.