A Chinese military unit is behind the long-tracked "Naikon" hacking collective, which carried out a cyberspying campaign against countries tussling with the nation for control of the South China Sea, according to a report released on Thursday by two cybersecurity firms.
The report by ThreatConnect and Defense Group Inc. said hackers sent email attachments with malicious software embedded to the targets of the cyber-espionage program, which they dubbed "Project Camerashy."
"[It] documents Chinese efforts to gain the upper hand in a geopolitical stand-off by capturing information on regional rivals' negotiating postures, economies and military capabilities," the firms said in a statement. The campaign ran for almost five years, according to the groups' report.
A request for comment to the Chinese embassy in New York was not immediately returned.
The Chinese hackers' targets reportedly include government agencies in Cambodia, Indonesia, Laos, Malaysia, Nepal, Philippines, Singapore, Thailand and Vietnam, as well as international groups including the United Nations Development Programme and the Association of Southeast Asian Nations.
ThreatConnect and DGI said they made the connection between China’s People’s Liberation Army and the hacking group Naikon -- and ultimately discovered details about Project Camerashy -- by following the activity of a single hacker. Ge Xing, who the firms say is a member of a unit of the PLA, used the screen name "GreenSky27" in building malware, on social media sites and in other Web channels.
China has strongly denied state-sponsored hacking claims in the past, and the ThreatConnect report comes amid a week-long visit by Chinese President Xi Jinping to the U.S.. The Chinese leader said during a speech on Tuesday that his country and the U.S. could work together to address cyber conflicts.