x Abu Dhabi, UAE Friday 21 July 2017

China says US hacking accusations lack technical proof

The statement came after the White House said overnight that it has repeatedly taken its concerns about cyber-theft to the highest levels of the Chinese government.

BEIJING // Accusations by a US computer security company that a secretive Chinese military unit is likely behind a series of hacking attacks are scientifically flawed and hence unreliable, China's defence ministry said today.

The statement came after the White House said overnight that it has repeatedly taken its concerns about cyber-theft to the highest levels of the Chinese government, including with Chinese military officials.

The security company, Mandiant, identified the People's Liberation Army's Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries.

The Chinese defence ministry, which has already denied the charges, went further in a new statement, slamming Mandiant for relying on spurious data.

"The report, in only relying on linking IP address to reach a conclusion the hacking attacks originated from China, lacks technical proof," the ministry said.

"Everyone knows that the use of usurped IP addresses to carry out hacking attacks happens on an almost daily basis," it added.

"Second, there is still no internationally clear, unified definition of what consists of a 'hacking attack'. There is no legal evidence behind the report subjectively inducing that the everyday gathering of online [information] is online spying."

As hacking is a cross-border, anonymous and deceptive phenomenon, by its very nature it is hard to work out exactly where hacks originated, the statement said.

The Chinese foreign ministry spokesman Hong Lei, asked about the US taking up its concerns about hacking with Beijing, said: "China and the US have maintained communication over the relevant issue".

Unit 61398 is located in Shanghai's Pudong district, China's financial and banking hub, and is staffed by perhaps thousands of people proficient in English as well as computer programming and network operations, Mandiant said in its report.

The unit had stolen "hundreds of terabytes of data from at least 141 organisations across a diverse set of industries beginning as early as 2006", it said.

Most of the victims were located in the United States, with smaller numbers in Canada and Britain. The information stolen ranged from details on mergers and acquisitions to the emails of senior employees, the company said.

The Chinese defence ministry said China's own figures show that a "considerable" number of hacking attacks it is subjected to come from the United States.

"But we don't use this as a reason to criticise the United States," the ministry said.