WASHINGTON — A well-known cyber security firm says the Chinese military unit at the center of recent U.S. cyber spying charges is continuing to carry out hacking activities.
Mandiant, which first published a report that documented alleged hacks of U.S. businesses by a People's Liberation Army [PLA] unit in Shanghai, says the group it has named APT1 is still trying to break into the data of American corporations.
Richard Bejtlich, the Chief Security Officer of Mandiant, told VOA's Mandarin service that his firm continues to monitor the activities of the group.
“APT1 is one of the groups we continue to track. We still see plenty of their command and control, so we are able to compare that to the previous year and see if they are still active,” said Bejtlich.
The news comes as a different U.S. security firm announced Monday that it has evidence that a different PLA unit has also been involved in hacks and attacks against Western government agencies and defense contractors since 2007. CrowdStrike said the hacking targeted the U.S. space, aerospace and communications sectors.
China has denied its military is involved in stealing data from U.S. businesses. After five PLA members were indicted by the U.S. last month, Beijing protested by suspending a joint cyber working group with Washington.
But Bejtlich said he thinks China will resume the discussions in the long run for its own national interests.
“They don’t want to be spied upon, and they don’t want a really bad relationship so it would break down economically," he said. "So there are plenty areas where we can collaborate, need to collaborate, so that’s why we will continue to have these discussions.”
Last month, the U.S. Justice Department indicted five PLA members on charges related to cyber espionage. It accused them of spying on U.S. businesses to help the profits of Chinese companies.
Da Hai Han contributed to this report from Hong Kong.
This report was produced in collaboration with the VOA Mandarin service.