PLA Unit 61389 are the chinese cyber-warfare unit, although there is very little published about their clandestine operations. In a county as secretive as China, it is to be expected that they would keep this group relativity secretive.

In 2013 an american security firm Mandiant released a report highlighting PLA Unit 61398, and suspects them for launching attacks on the US. Their targets are not only governmental and federal organisations, but also private sector businesses.

The types of attacks carried out by this group range from advanced persistent threats to the deployment of malware. It is hard to find an accurate figure on the numbers of attacks carried out by this group, as they wish to remain secretive. It is understandable that China’s offensive cyber unit does not want to take credit for every attack they have carried out.

That being said they have been accused of a number of attacks over the years. There is speculation around the groups involvement in Operation Shady Rat, this attack is said to have affected more than 70 organisations including the United Nations and US Government.
There are also other reports that suggest that the number of organisations that had been attacked by this group is in the thousands. Through further investigation it appeared as if most of these attack are carried out during working hours in Beijing’s time zone, although this is not concrete evidence it allows for further speculation of the attackers location. And due to the sum what regimented hours these attackers are carried out in, lead me to believe that although it could be a well structure group of hackers it is much more likely that this organisation if official or governmental.

Will anymore of the activities carried out by this group hit the head lines or will it all mealy remain speculation and accusations?

 

 

One thought on “PLA Unit 61398 – Who are they?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s