{"id":11144,"date":"2013-02-19T00:00:00","date_gmt":"2013-02-19T00:00:00","guid":{"rendered":"http:\/\/localhost\/cyber-operations\/pla-unit-61398\/"},"modified":"2013-02-19T00:00:00","modified_gmt":"2013-02-19T00:00:00","slug":"pla-unit-61398","status":"publish","type":"post","link":"https:\/\/www.cfr.org\/cyber-operations\/pla-unit-61398","title":{"rendered":"PLA Unit 61398"},"content":{"rendered":"<p>U.S. cybersecurity firm Mandiant, later purchased by FireEye, released <a href=\"https:\/\/www.fireeye.com\/blog\/threat-research\/2013\/02\/mandiant-exposes-apt1-chinas-cyber-espionage-units.html\">a report<\/a> in February 2013 that exposed one of China\u2019s cyber espionage units, Unit 61398. The group, which FireEye called APT 1, is a unit within China\u2019s People\u2019s Liberation Army (PLA) that has been linked to a wide range of cyber operations targeting U.S. private sector entities for espionage purposes. The comprehensive report detailed evidence connecting APT 1 and the PLA, offered insight into APT 1\u2019s operational malware and methodologies, and provided timelines of the espionage it conducted.<\/p>\n<p><span><span><span>FireEye termed Unit 61398 \u201cAPT 1\u201d to indicate that the threat actor was an <a href=\"https:\/\/www.fireeye.com\/blog\/executive-perspective\/2014\/04\/apt1-the-state-of-the-hack-one-year-later.html\">Advanced Persistent Threat<\/a>, a type of operation in which the goal of the network intrusion is not only to gain access to a server or system, but also to retain ongoing access and engage in protracted cyber operations. The APT 1 report exposed the infrastructure of a cyber threat actor and gave both government and nongovernment organizations insight into the escalating nature of state-sponsored cyber operations.<\/span><\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>U.S. cybersecurity firm Mandiant, later purchased by FireEye, released a report in February 2013 that exposed one of China\u2019s cyber espionage units, Unit 61398. The group, which FireEye called APT 1, is a unit within China\u2019s People\u2019s Liberation Army (PLA) that has been linked to a wide range of cyber operations targeting U.S. private sector [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_cloudinary_featured_overwrite":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3],"tags":[],"cyber_operation":[49],"state_sponsor":[30],"victim_category":[63,138],"victim_government_response":[194],"victim":[19,27,56,72,80,83,104,125,148,151,159,162,178,180,182],"class_list":["post-11144","post","type-post","status-publish","format-standard","hentry","category-threat-actor","cyber_operation-espionage","state_sponsor-china","victim_category-government","victim_category-private-sector","victim_government_response-yes","victim-belgium","victim-canada","victim-france","victim-india","victim-israel","victim-japan","victim-luxembourg","victim-norway","victim-singapore","victim-south-africa","victim-switzerland","victim-taiwan","victim-united-arab-emirates","victim-united-kingdom","victim-united-states"],"acf":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/11144","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/comments?post=11144"}],"version-history":[{"count":0,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/11144\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/media?parent=11144"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/categories?post=11144"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/tags?post=11144"},{"taxonomy":"cyber_operation","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/cyber_operation?post=11144"},{"taxonomy":"state_sponsor","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/state_sponsor?post=11144"},{"taxonomy":"victim_category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_category?post=11144"},{"taxonomy":"victim_government_response","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_government_response?post=11144"},{"taxonomy":"victim","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim?post=11144"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}