In a fascinating, unprecedented, and statistics-packed report, security firm Mandiant made direct allegations and exposed a multi-year, massive cyber espionage campaign that they say with confidence is the work of China, more specifically, a unit of China’s People’s Liberation Army (PLA).
Mandiant has named the attack group “APT1”, what is likely a government-sponsored group that is one of the most persistent of China's cyber threat actors, and considered to be one of the most prolific in terms of quantity of information it has stolen.
According to Mandiant’s investigations, APT1 has taken hundreds of terabytes of data from at least 141 organizations across many industries going as far back early 2006, but this represents just a small fraction of the overall cyber espionage that APT1 has conducted.
It was the massive scale and impact of APT1's operations that compelled Mandiant to write and publically release the report.
Mandiant believes APT1 is the 2nd Bureau of the People’s Liberation Army (PLA) General staff Department’s (GSD) 3rd Department, commonly known by its Military unit Cover Designator (MUCD) as Unit 61398.