The claims were made by David Sanger, a reporter from The New York Times, in a book titled The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age.
In one passage, Sanger wrote: "One day I sat next to some of Mandia’s team, watching the Unit 61398 hacking corps at work; it was a remarkable sight.
How can you misinterpret seeing leather jackets? He either made it up, or he saw it. https://t.co/aykdu7n4Yd — Ryan Naraine (@ryanaraine) 25 June 2018
"My previous mental image of PLA officers was a bunch of stiff old generals sitting around in uniforms with epaulets, reminiscing about the glory days with Mao. But these guys were wearing leather jackets or just undershirts, and probably saw Mao only if they visited his mausoleum in Tiananmen Square."
"The videos Sanger viewed were from Windows Remote Desktop Protocol (RDP) network packet captures (PCAP) of Internet traffic at these victim organisations. Mandiant has never turned on the webcam of an attacker or victim system."
FireEye is known to be close to the US Government, with the company's chief executive, Kevin Mandia, claiming recently that US Government spooks produce "nice" malware when compared to that of other states.
Employees of private US company Mandiant hacked into computers of Chinese military, eventually resulting in APT1 report. The privatized hackback enabled US gov to more vocally criticize Chinese military hacking of US companies since there was now public unclassified reporting. https://t.co/v18HMgNvow — Artturi Lehtiö (@lehtior2) 23 June 2018
Another statement was issued by Richard Bejtlich of Tao Security, a former Mandiant employee, who also wrote a lengthy post, denying that the company had hacked back.
Also casting doubt on Sanger's claims — and his entire book, in fact — was former NSA hacker Dave Aitel, the chief security officer of offensive security firm Immunity, which was acquired by Cyxtera Technologies earlier this year.
Aitel had his own blog post attacking Sanger's book, claiming that citations were needed at various points in the tome.
A bill was introduced in the US Congress last year that would allow victims of hacking to go on the offensive when they were attacked.
The Active Cyber Defence Certainty Act, sponsored by Republican Tom Graves of Georgia and Democrat Kyrsten Sinema of Arizona, permits individuals and companies to hack back if their aim is to disrupt, monitor or attribute the attack, or destroy stolen files.