China hacking charges: the Chinese army's Unit 61398
Operating out of a tower block in Shanghai, Unit 61398 allegedly hacks Western companies in support of the Chinese government's political and economic aims.
The hacking charges brought by the US today were levelled against five members of Unit 61398, a shadowy division of the Chinese military allegedly responsible for waves of cyber attacks against Western businesses.
Based out of a 12-storey building in the outskirts of Shanghai, Unit 61398 is believed to be staffed by thousands of Chinese "cyber-troops" acting on the direct orders of the People's Liberation Army.
Its personnel are highly trained in computer networking but must also be proficient in English as most of its targets are in the US, according to Mandiant, an American cybersecurity firm.
Unit 61398 is believed to have begun operations in 2006 and since then has allegedly hacked into the networks of more than 140 western firms in pursuit of corporate secrets.
While countries across the world are developing cyber capabilities, China is unique in that it uses its military to gain commercial advantages over foreign competitors, said Jen Weedon, threat intelligence manager at FireEye, an American cybersecurity firm.
"What makes Unit 61398 stand out is that it is operating under government orders but carrying out espionage for corporate reasons," she said.
Its hacking is allegedly carried out in support of broader Chinese government political and economic strategic initiatives. For example, at the same time China began investing in bio-pharmaceutical technology, Unit 61398 reportedly began targeting US bio-pharmaceutical companies to try to steal their technology.
"While the men and women of our American businesses spent their business days innovating...these members of Unit 61398 were spending their business days in Shanghai stealing the fruits of our labour," said John Carlin, assistant US attorney general for national security.
China has consistently denied that Unit 61398 carries out hacking, calling the allegations "irresponsible and unprofessional".
The five men charged by US prosecutors - Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui - are all described as "officers" but are believed to be low-level figures rather than senior commanders.
The unit's leader remains unknown, although it is believed to be part of the General Staff Department, the Chinese equivalent of the US joint chiefs of staff, America's top military council.
The 56-page indictment offers remarkable detail about the alleged hackers' methods. For example, it describes how Wang used the alias "UglyGorilla" to register domains that would later be used in hacking attacks on American steel and nuclear companies.
All five men are said to be based in a tower block on Datong Road in Gaoqiaozhen, a residential neighbourhood around 40 minutes outside of central Shanghai.
The building is not identified as a military facility but uniformed soldiers guard its entrance and a compound for troops' families next door is emblazoned with a propaganda plaque reading: "Be faithful and loyal to the Party. Love the people. Dedicate yourself to the cause."
The scale of Unit's 61398's extensive hacking operations were made possible by special fibre optic lines given to the Chinese military by the state-owned China Telecom firm "in the name of the national defence", according to Mandiant.
President Barack Obama has promised to take a firmer stand against Chinese hacking and raised the issue with Xi Jinping, the Chinese president.
"We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy," Mr Obama said during his 2013 State of the Union address.
No comments:
Post a Comment
Comments always welcome!