HONG KONG (CNNMoney)

What is happening inside 208 Datong Road in Shanghai?

Definitely no computer hacking, according to China's military, which said Wednesday that it is not engaged in cyberattacks of any sort.

The forceful denial comes a day after Virginia-based cybersecurity firm Mandiant released a 60-page report detailing the activities of a hacking collective it claims has direct ties to China's military.

Mandiant says it has watched the group systematically steal hundreds of terabytes of data from at least 141 organizations across 20 industries worldwide since 2006.

Mandiant claims the activity -- perpetrated by a group called the "comment crew" -- can be traced to four networks near Shanghai, with some operations taking place in a nondescript building on Datong Road that is also the headquarters of Unit 61398, a secret wing of the People's Liberation Army.

Geng Yansheng, a spokesman for China's Ministry of National Defense, characterized the charges Wednesday as "groundless both in facts and legal basis."

The spokesman offered, for the first time, a detailed rebuttal of Mandiant's charges. The report relies too heavily on the tracking of IP addresses, Geng said, referring to the digital identifiers which are stolen "almost everyday."

"The report, in only relying on linking IP addresses to reach a conclusion the hacking attacks originated from China, lacks technical proof," the spokesman said, according to a transcript posted on the ministry's website.

Geng also resorted to a somewhat arcane legal argument.

"There is still no internationally clear, unified definition of what constitutes a hacking attack," Geng said. "There is no legal evidence behind the report subjectively concluding that the everyday gathering of online information is online spying."

The Obama administration appears unconvinced -- and says it is acting to counter the threats.

"We have repeatedly raised our concerns at the highest levels about cybertheft with senior Chinese officials, including in the military, and we will continue to do so," White House spokesman Tommy Vietor said Tuesday.

Mandiant estimates that hundreds, and perhaps thousands, of people work within Unit 61398, which is housed in a 12-story, 130,663 square-foot facility.

Organizations in English-speaking countries are the primary victims of the comment crew -- making up 87% of the 141 attacks observed by Mandiant. Of that, 115 attacks targeted organizations in the United States.


The hackers have a "well-defined attack methodology," and Mandiant said the group has stolen large volumes of intellectual property, including technology blueprints, proprietary manufacturing processes and business plans.

The report did not list companies or agencies that have been attacked, but the comment crew is known to have attacked Coca-Cola, security firm RSA, and consultancy Chertoff Group.

China is not the only country believed to be involved in cyberattacks. The existence of several other state-sponsored cyberweapons has also been reported in recent years, with names like Stuxnet, Duqu and Flame.

The U.S. government is widely believed to have played a role in developing some of those viruses, with an eye toward containing Iran.