Chinese university tied to “APT1” army cyber unit

By now everybody in the security industry has read the Mandiant APT1 report or at least a TEXTsummary of it, and has heard the many voices of either agreement or dissent regarding the company’s findings. In fact, even anonymous netizens have joined the fray by searching for additional proof to confirm the findings.

Now Reuters’ Melanie Lee points out that a number of papers on computer network security and intrusion accessible on the Internet link the Shanghai Jiaotong University with the PLA unit considered to be behind the APT1 attacks, as posited by Mandiant.

Collaboration between academic researchers and those employed by intelligence agencies is practically non existent in the U.S., but it seems that Chinese researchers have no qualms about working together and such ties are not frowned upon.

According to Lee, Xue Zhi, the vice-president of Shanghai Jiaotong’s School of Information Security Engineering and developer of China’s leading infiltrative cyber-attack platform has collaborated with a PLA researcher by the name of Chen Yi-qun on a paper addressing a network monitoring system.

Chen has later also worked with associate professor Fan Lei on another paper. Fan claims that this was because Chen was, at the time, a student at the university and that he didn’t know that Chen was part of Unit 61398 – even though both papers mentioned.

Shanghai Jiaotong’s School of Information Security Engineering is not the only department that collaborated with the PLA. The school’s Department of Computer Science and Engineering did research work with another PLA unit, claims Russell Hsiao, Senior Research Fellow at the Project 2049 Institute.