News / Asia

US-China Cyber Spying Case Turns Spotlight on Shadowy Unit 61398

Part of the building of 'Unit 61398', a secretive Chinese military unit, is seen in the outskirts of Shanghai, Feb. 19, 2013.
Part of the building of 'Unit 61398', a secretive Chinese military unit, is seen in the outskirts of Shanghai, Feb. 19, 2013.
Reuters
A tense stand-off between the United States and China over state-backed cyber espionage has dragged China's secretive hacking unit “61398” back into focus, after the military group was pinpointed last year for mounting cyber attacks on Western commercial targets.
 
U.S. authorities on Monday charged five Chinese military officers at the unit, accusing them of hacking into American nuclear, metal and solar firms to steal trade secrets. China on Tuesday summoned the U.S. ambassador in Beijing and warned it would retaliate if Washington followed through with the charges. It said the affair would damage “mutual trust.”
 
At the center of the argument is a nondescript tower block in the northern suburbs of China's financial capital Shanghai, home to Chinese People's Liberation Army (PLA) Unit 61398.
 
The 12-story block houses as many as several thousand staff, according to Mandiant, a U.S. cyber security firm recently acquired by global network security company FireEye Inc. Mandiant identified the location as the source of a large number of espionage operations in a 70-page report last year.
 
“This unit is one of the most prolific. The group is really active and very aggressive,” said Pierluigi Paganini, a cyber security expert and founder of Security Affairs, based in Italy.
 
Unit 61398's Shanghai base is kitted out with specialist fiber optic lines, while staff are trained in areas from English linguistics to covert communications, network security and cyber attack strategy, according to the Mandiant report.
 
The unit's operatives, working under code names such as “UglyGorilla”, “DOTA” and “SuperHard”, also have close research and recruitment ties with China's leading academic centers such as the prestigious Shanghai Jiaotong University.
 
Publicly available academic reports, school registers, recruitment notices and local online community notice boards show a web of social, educational and academic networks spreading out from the cyber spying unit. Military units in China are often organized in this way with schools, sports clubs and social events organized communally for unit members.
 
Tip of the iceberg

 
However, unit 61398 - more formally known as General Staff Department (GSD), Third Department, Second Bureau - is just one of dozens of similar groups based in China, and far from the foremost, said Mandiant analyst Jen Weedon.
 
“The unit is one of many and its tradecraft is not that great. They are one of the ones that doesn't seem to mind leaving traces behind,” she told Reuters.
 
The unit, which started operating in or before 2006, saw activity drop sharply in the wake of the 2013 Mandiant report, but has since returned to “business as usual” after it overhauled some of its hacking techniques, Weedon added.
 
The new allegations are that Chinese state-owned firms “hired” the unit, which used a range of cyber attack methods to illegally gather corporate information from mostly U.S. firms and help give Chinese companies a competitive edge.
 
The unit “stole sensitive, internal communications”, using tactics such as “spear phishing” emails to gain access to employees' computers, after which it was able to collect internal data, according to the indictment document, posted on the United States Department of Justice website.
 
Federal prosecutors said the suspects targeted companies including Alcoa Inc, Allegheny Technologies Inc., United States Steel Corp, Toshiba Corp unit Westinghouse Electric Co, the U.S. subsidiaries of SolarWorld AG , and a steel workers' union.
 
Unit 61398 - or at least one very much like it - also stole data from at least one U.S. government agency in a hacking campaign named 'Byzantine Candor', according to diplomatic cables released by Wikileaks.
 
“Hackers based in Shanghai and linked to the PRC's People's Liberation Army [PLA] Third Department” stole data from at least one U.S. government agency, according to a leaked 2008 cable.
 
Officials in Washington have argued for years that cyber espionage is a top national security concern, and the battle is heating up. Both sides have ramped up public and private confrontation, including at a summit last year between U.S. President Barack Obama and Chinese President Xi Jinping.
 
China has denied the unit is involved in cyber espionage, and insists the country is more a victim than a perpetrator of cyber attacks.
 
Paganini said he was not surprised at the latest turn of events, which he described as just the “tip of the iceberg”.
 
“I believe there's an ongoing battle in the cyberspace. These countries are investing large amounts in cyber units that are able to create specific malware and have the ability to get into foreign networks and computers to steal trade secrets and intellectual properties,” he said.

You May Like

Captured IS Militants Explain Why They Fought

Fighters from Turkey, Syria tell VOA Kurdish Service what drew them to extremism, jihad More

Security Experts Split on Kenyan Barrier Wall

Experts divided on whether initiative aiming to keep out al-Shabab militants is long-awaited solution or misguided effort More

Video Philippines Wants Tourists Spending Money at New Casinos

Officials say they hope to turn Manila into the next Macau, which has long been Asia’s gambling hub More

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
Liberia's Almost Last Ebola Patient Grateful but Still Grievingi
X
Benno Muchler
March 26, 2015 3:41 PM
Beatrice Yardolo was to make history as Liberia’s last Ebola patient. Liberians recently started counting down 42 days, the period that has to go by without a single new infection until the World Health Organization can declare a country Ebola-free. That countdown stopped on March 20 when there was another new case of Ebola, making Yardolo’s story a reminder that Ebola is far from over. Benno Muchler reports from Monrovia.
Video

Video Liberia's Almost Last Ebola Patient Grateful but Still Grieving

Beatrice Yardolo was to make history as Liberia’s last Ebola patient. Liberians recently started counting down 42 days, the period that has to go by without a single new infection until the World Health Organization can declare a country Ebola-free. That countdown stopped on March 20 when there was another new case of Ebola, making Yardolo’s story a reminder that Ebola is far from over. Benno Muchler reports from Monrovia.
Video

Video Cambodian Land Grabs Threaten Traditional Communities

Indigenous communities in Cambodia's Ratanakiri province say the government’s economic land concession policy is taking away their land and traditional way of life, making many fear that their identity will soon be lost. Local authorities, though, have denied this is the case. VOA's Say Mony went to investigate and filed this report, narrated by Colin Lovett.
Video

Video US, South Korea Conduct Joint Military Exercises

The Eighth U.S. Army Division and the Eighth Republic of Korea Mechanized Infantry Division put on a well orchestrated show of force for the media this week during their joint military training exercises in South Korea. VOA’s Seoul correspondent Brian Padden was there and reports the soldiers were well disciplined both in conducting a complex live fire exercise and in staying on message with the press.
Video

Video Space Program Status Disappoints 'Last Man on the Moon'

One of the films that drew big crowds last week at the annual South by Southwest festival in Austin, Texas, tells the story of the last human being to stand on the moon, U.S. astronaut Eugene Cernan. It has been 42 years since Cernan returned from the moon and he laments that no one else has gone there since. VOA’s Greg Flakus reports.
Video

Video Young Filmmakers Shine Spotlight on Giving Back

A group of student filmmakers from across the United States joined President Barack Obama at the White House this month for the second annual White House Student Film Festival. Fifteen short films were officially selected from more than 1,500 entries by students aged 6 through 18. The filmmakers and their families then joined the president and a group of celebrities for a screening of their films. VOA’s Julie Taboh reports.
Video

Video VOA Exclusive: Interview with Afghan President Ashraf Ghani

Afghan President Ashraf Ghani, during his first visit as president to Washington, gave a one-on-one interview with VOA Afghan Service reporter Said Suleiman Ashna, about his request for a change in U.S. troop levels, the threat from the Islamic State, and repairing relations with the United States and Pakistan. The interview was held at Blair House, late Sunday, in Pashto.
Video

Video California Science Center Tells Story of Dead Sea Scrolls

The ancient manuscripts were uncovered in the mid-20th century, and they are still yielding clues about life and religious beliefs in ancient Israel. As VOA's Mike O'Sullivan reports, an exhibit in Los Angeles shows how modern science is bringing the history of these ancient documents to life.
Video

Video Angelina Jolie Takes Another Bold Step

Hollywood actress and filmmaker Angelina Jolie has revealed she had her ovaries and fallopian tubes removed to lower her odds of getting cancer. Doctors say the huge publicity over her decision will help raise awareness about the importance of cancer screening. VOA’s George Putic has more

All About America

Circumventing Censorship

An Internet Primer for Healthy Web Habits

As surveillance and censoring technologies advance, so, too, do new tools for your computer or mobile device that help protect your privacy and break through Internet censorship.
More