The Chinese military since 2007 has built a computer espionage unit that targets foreign governments, defense and space companies according to the security firm Crowdstrike.
In a new report, Crowdstrike offers details
on how China’s hacking-industrial complex extends far beyond the five
military officers indicted by the Justice Department last month. Some
activity is highly centralized and directly controlled by the military,
as detailed in the indictment. Other groups appear to work as makeshift defense contractors
that try to break into foreign networks after clocking out of mundane
day jobs, former U.S. officials and security researchers said.
The Crowdstrike report focused on a Shanghai unit with an interest in
satellite technology. Known as the 12th Bureau of the People’s
Liberation Army’s Third Department, it also goes by Unit 61486,
according to a 2011 report from the Project 2049 Institute, an
Asia-focused U.S. think tank run by former U.S. military officers.
The five Chinese nationals indicted by the Obama administration
worked in the Third Department’s Second Bureau, known as Unit 61398,
which focuses on the U.S. and Canada, according to Project 2049.
The New York Times
previously reported on Crowdstrike’s findings. Neither mentioned a
specific victim of the group. Crowdstrike said the hackers have stolen
designs for satellites and aerospace technology, among other things.
The Chinese embassy in Washington didn’t immediately return a request for comment.
The report also shed light on how U.S. firms can collect rich
dossiers on foreign hackers. In this case, one military officer appeared
to use his personal email address to register a site used in government
hacks. Through that email address, Crowdstrike found pictures posted
online of empty rice liquor bottles, a birthday celebration and a slim,
young man doing pull-ups in front of a military officer.