China has dismissed a report from a US cybersecurity firm, which accused Beijing of carrying out a major hack targeting hundreds of people and organizations around the world, calling the charges “far-fetched and unprofessional.”
Foreign Ministry spokesman Wang Wenbin responded to the allegations on Friday, telling reporters that the agency behind them, Mandiant, has a track record of false reporting about China.
“The cybersecurity firm that you mentioned has repeatedly sold disinformation on so-called Chinese hacking attacks. The stories are far-fetched and unprofessional,” Wang said at a daily press briefing.
Mandiant released a lengthy report on Thursday describing an attack by an “aggressive and skilled actor” with “suspected links to China,” claiming the hackers engaged in “espionage activity” starting last October. The attackers allegedly used a vulnerability in the Barracuda Networks email system to target diplomatic officials and government agencies across East and Southeast Asia, including in Hong Kong and Taiwan.
Founded in 2004, the firm has frequently cast blame on China for various hacks over the years, and rose to prominence in 2012 after another high-profile hacking allegation pinned on Beijing. The company was later purchased by Google for $1.2 billion and remains a subsidiary of the tech giant.
The Foreign Ministry spokesman went on to state that “by making up reports about so-called foreign cyberattacks,” some American companies have “become accomplices in the US government’s smearing campaigns against other countries,” going on to accuse Washington of its own hacking operations.
In April, the Chinese government published a review of alleged US government cyber attacks, claiming that American intelligence agencies have “been intruding on, dividing and suppressing foreign cybersecurity vendors” for years. The report outlined several major hacking incidents, including a 2010 attack on Iranian nuclear facilities using the US and Israeli-developed Stuxnet virus, and also pointed to Washington’s mass-collection surveillance program under the National Security Agency.