ThreatConnect and Defense Group Inc. (DGI) have released an in-depth joint report that exposes the extent of China’s military cyber attacks in the South China Sea.
The report concludes that "for nearly five years, Unit 78020 has used an array of global midpoint infrastructure to proxy the command and control of customised malware variants embedded within malicious attachments or document exploits."
Unit 78020 is a unit in the Chinese People Liberation Army (PLA), and the report says that it "conducts cyber espionage again Southeast Asian military, diplomatic, and economic targets."
The researchers go as far as to to name a PLA Officer involved in the unit’s operations, Ge Xing, who has the username GreenSky27.
The revelations come as President Obama meets with his Chinese counterpart Xi Jinpng in Washington to discuss cyber security.