Faculty members at a top Chinese university have collaborated for years with an army unit accused of hacking Western targets.
Several papers on computer network security and intrusion detection, easily accessed on the Internet, were co-authored by researchers at People's Liberation Army (PLA) Unit 61398 and faculty at Shanghai Jiaotong University.
The unit, allegedly an operational unit actively engaged in cyber-espionage, made the news in February when US cyber security company Mandiant identified it as being behind several recent high-profile hacks on Western companies.
The apparent working relationship between the PLA unit and Shanghai Jiaotong, a centre of academic excellence with ties to some of the world's top universities, is in contrast to common practice in most developed nations where university professors in recent decades have been reluctant to cooperate with operational intelligence gathering units.
There is no evidence to suggest any Shanghai Jiaotong academics who co-authored papers with Unit 61398 worked with anyone directly engaged in cyber-espionage operations, as opposed to research.
"The issue is operational activity; whether these research institutions have been involved in actual intelligence operations," said James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies. "That's something the US does not do."
"[In the US] there's a clear line between an academic researcher and people engaged in operational [intelligence gathering] activities."
Shanghai Jiaotong declined to comment.
In reviewing the links between the PLA and Shanghai Jiaotong – whose alumni include former President Jiang Zemin, the head of China's top automaker and the former CEO of its most popular Internal portal – Reuters found at least three papers on cyber-warfare on a document-sharing website that were co-authored by university faculty members and PLA researchers.
The papers, on network security and attack detection, state on their title pages they were written by Unit 61398 researchers and professors at Shanghai Jiaotong's School of Information Security Engineering (SISE).
In one 2007 paper on how to improve security by designing a collaborative network monitoring system, PLA researcher Chen Yi-qun worked with Xue Zhi, the vice-president of SISE and the school's Communist Party branch secretary.
According to his biography on the school's website, Xue is credited with developing China's leading infiltrative cyber-attack platform. Calls and emails to Xue were not answered and Reuters was unable to find contact details for Chen.
Fan Lei, an associate professor at Shanghai Jiaotong whose main research areas are network security management and cryptography, also co-authored a paper with Chen. Fan told Reuters he has no links with Unit 61398 and his work with Chen in 2010 was because Chen was a SISE graduate student.
Fan said he was unaware Chen was with the PLA when they collaborated. Both of the papers Chen co-wrote with SISE professors stated he was with the PLA unit.
Cyber-security experts say the publicly available papers and China's National Information Security Engineering Centre are ostensibly about securing computer networks.
"The research seems to be defensive, but cyber-security research in general can be dual purpose," said Adam Meyers, director of intelligence at CrowdStrike, a security technology company based in Irvine, California.
Figuring out how best to defend networks, by definition, means thinking about the most effective means of attack, he noted.
Efforts to reach the PLA for comment on its collaboration with Shanghai Jiaotong were unsuccessful.