The computer hacking group accused last week of being part of a specific unit of the Chinese military is apparently unfazed by the public attention triggered by a detailed report on its activities published by the security firm Mandiant. Another researcher tracking the group says that most of the infrastructure it had in place to carry out attacks remains in place.
“They shut down some of the infrastructure, but not much,” says Jaime Blasco, director of labs at security company AlienVault, who had been tracking the same group for several years. Blasco says that many of the group’s command-and-control servers—computers that act as relays between an attacker and the software placed inside a victim company—are still in place, and apparently active. “The group will not change much, because it works—they have been using the same infrastructure for years,” he says.