Papers Link Shanghai Academics to PLA Hackers

Faculty members at Shanghai Jiaotong University have conducted research on cyber security in collaboration with the People’s Liberation Army unit identified last month as being responsible for state-sponsored hacking attacks, according to several papers reviewed by Reuters:

The apparent working relationship between the PLA unit and Shanghai Jiaotong is in contrast to common practice in most developed nations, where university professors in recent decades have been reluctant to cooperate with operational intelligence gathering units.

There is no evidence to suggest any Shanghai Jiaotong academics who co-authored papers with Unit 61398 worked with anyone directly engaged in cyber-espionage operations, as opposed to research.

“The issue is operational activity – whether these research institutions have been involved in actual intelligence operations,” said James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies. “That’s something the U.S. does not do.”

“(In the U.S.) there’s a clear line between an academic researcher and people engaged in operational (intelligence gathering) activities.”

Shanghai Jiaotong has long had an elite reputation within the computer science field in China, and was under scrutiny in 2010 when a hacking attack on Google was reportedly traced to computers on its campus. While Shanghai Jiaotong has no official links to China’s military, and while neither Shanghai Jiaotong or the PLA commented on the Reuters story, it adds yet another wrinkle to an issue that has grown more sensitive for both the Obama administration and the Xi Jinping regime. Following the report by security firm Mandiant, which linked the PLA a series of hacking incidents on U.S. companies and government organizations since 2006, the two sides have traded public accusations of cyber intrusions in recent weeks. Last week, the White House demanded that China start negotiating rules for proper behavior in cyberspace.