News / Asia

    US-China Cyber Spying Case Turns Spotlight on Shadowy Unit 61398

    Part of the building of 'Unit 61398', a secretive Chinese military unit, is seen in the outskirts of Shanghai, Feb. 19, 2013.
    Part of the building of 'Unit 61398', a secretive Chinese military unit, is seen in the outskirts of Shanghai, Feb. 19, 2013.
    Reuters
    A tense stand-off between the United States and China over state-backed cyber espionage has dragged China's secretive hacking unit “61398” back into focus, after the military group was pinpointed last year for mounting cyber attacks on Western commercial targets.
     
    U.S. authorities on Monday charged five Chinese military officers at the unit, accusing them of hacking into American nuclear, metal and solar firms to steal trade secrets. China on Tuesday summoned the U.S. ambassador in Beijing and warned it would retaliate if Washington followed through with the charges. It said the affair would damage “mutual trust.”
     
    At the center of the argument is a nondescript tower block in the northern suburbs of China's financial capital Shanghai, home to Chinese People's Liberation Army (PLA) Unit 61398.
     
    The 12-story block houses as many as several thousand staff, according to Mandiant, a U.S. cyber security firm recently acquired by global network security company FireEye Inc. Mandiant identified the location as the source of a large number of espionage operations in a 70-page report last year.
     
    “This unit is one of the most prolific. The group is really active and very aggressive,” said Pierluigi Paganini, a cyber security expert and founder of Security Affairs, based in Italy.
     
    Unit 61398's Shanghai base is kitted out with specialist fiber optic lines, while staff are trained in areas from English linguistics to covert communications, network security and cyber attack strategy, according to the Mandiant report.
     
    The unit's operatives, working under code names such as “UglyGorilla”, “DOTA” and “SuperHard”, also have close research and recruitment ties with China's leading academic centers such as the prestigious Shanghai Jiaotong University.
     
    Publicly available academic reports, school registers, recruitment notices and local online community notice boards show a web of social, educational and academic networks spreading out from the cyber spying unit. Military units in China are often organized in this way with schools, sports clubs and social events organized communally for unit members.
     
    Tip of the iceberg

     
    However, unit 61398 - more formally known as General Staff Department (GSD), Third Department, Second Bureau - is just one of dozens of similar groups based in China, and far from the foremost, said Mandiant analyst Jen Weedon.
     
    “The unit is one of many and its tradecraft is not that great. They are one of the ones that doesn't seem to mind leaving traces behind,” she told Reuters.
     
    The unit, which started operating in or before 2006, saw activity drop sharply in the wake of the 2013 Mandiant report, but has since returned to “business as usual” after it overhauled some of its hacking techniques, Weedon added.
     
    The new allegations are that Chinese state-owned firms “hired” the unit, which used a range of cyber attack methods to illegally gather corporate information from mostly U.S. firms and help give Chinese companies a competitive edge.
     
    The unit “stole sensitive, internal communications”, using tactics such as “spear phishing” emails to gain access to employees' computers, after which it was able to collect internal data, according to the indictment document, posted on the United States Department of Justice website.
     
    Federal prosecutors said the suspects targeted companies including Alcoa Inc, Allegheny Technologies Inc., United States Steel Corp, Toshiba Corp unit Westinghouse Electric Co, the U.S. subsidiaries of SolarWorld AG , and a steel workers' union.
     
    Unit 61398 - or at least one very much like it - also stole data from at least one U.S. government agency in a hacking campaign named 'Byzantine Candor', according to diplomatic cables released by Wikileaks.
     
    “Hackers based in Shanghai and linked to the PRC's People's Liberation Army [PLA] Third Department” stole data from at least one U.S. government agency, according to a leaked 2008 cable.
     
    Officials in Washington have argued for years that cyber espionage is a top national security concern, and the battle is heating up. Both sides have ramped up public and private confrontation, including at a summit last year between U.S. President Barack Obama and Chinese President Xi Jinping.
     
    China has denied the unit is involved in cyber espionage, and insists the country is more a victim than a perpetrator of cyber attacks.
     
    Paganini said he was not surprised at the latest turn of events, which he described as just the “tip of the iceberg”.
     
    “I believe there's an ongoing battle in the cyberspace. These countries are investing large amounts in cyber units that are able to create specific malware and have the ability to get into foreign networks and computers to steal trade secrets and intellectual properties,” he said.

    You May Like

    Video Democrats Clinton, Kaine Offer 'Very Different Vision' Than Trump

    In a jab at Trump, Clinton says her team wants to 'build bridges, not walls'; Obama Hails Kaine's record; Trump calls Kaine a 'job-killer'

    Turkey Wants Pakistan to Close Down institutions, Businesses Linked to Gulen

    Thousands of Pakistani students are enrolled in Gulen's commercial network of around two dozen institutions operating in Pakistan for over two decades

    AU Passport A Work in Progress

    Who will get the passport and what the benefits are still need to be worked out

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    In State of Emergency, Turkey’s Erdogan Focuses on Spiritual Movementi
    X
    July 22, 2016 11:49 AM
    The state of emergency that Turkish President Recep Tayyip Erdogan has declared is giving him even more power to expand a purge that has seen an estimated 60,000 people either arrested or suspended from their jobs. VOA Europe correspondent Luis Ramirez reports from Istanbul.
    Video

    Video In State of Emergency, Turkey’s Erdogan Focuses on Spiritual Movement

    The state of emergency that Turkish President Recep Tayyip Erdogan has declared is giving him even more power to expand a purge that has seen an estimated 60,000 people either arrested or suspended from their jobs. VOA Europe correspondent Luis Ramirez reports from Istanbul.
    Video

    Video Scientists in Poland Race to Save Honeybees

    Honeybees are in danger worldwide. Causes of what's known as colony collapse disorder range from pesticides and loss of habitat to infections. But scientists in Poland say they are on track to finding a cure for one of the diseases. VOA’s George Putic reports.
    Video

    Video Wall Already Runs Along Parts of US-Mexico Border

    The Republican Party’s presidential nominee, Donald Trump, gained the support of many voters by saying he would build a wall to keep undocumented immigrants and drugs from coming across the border from Mexico. Critics have called his idea impractical and offensive to Mexico, while supporters say such a bold approach is needed to control the border. VOA’s Greg Flakus has more from the border town of Nogales, Arizona.
    Video

    Video New HIV Tests Emphasize Rapid Results

    As the global fight against AIDS intensifies, activists have placed increasing importance on getting people to know their HIV status. Some companies are developing new HIV testing methods designed to be quick, easy and accurate. Thuso Khumalo looks at the latest methods, presented at the International AIDS conference in Durban, South Africa.
    Video

    Video African Youth with HIV Urge More Support

    HIV, the virus that causes AIDS, is the top killer of teens in sub-Saharan Africa. But many youths say their experience with the virus is unique and needs to be addressed differently than the adult epidemic. VOA South African Correspondent Anita Powell reports.
    Video

    Video Poor Residents in Cleveland Not Feeling High Hopes of Republican Convention

    With the Republican Party's National Convention underway in Cleveland, Ohio, delegates and visitors are gathered in the host city's downtown - waiting to hear from the party's presidential candidate, Donald Trump. But a few kilometers from the convention's venue, Cleveland's poorest residents are not convinced Trump or his policies will make a difference in their lives. VOA's Ramon Taylor spoke with some of these residents as well as some of the Republican delegates and filed this report.
    Video

    Video Pop-Up Art Comes to Your Living Room, Backyard and Elsewhere

    Around the world, independent artists and musicians wrestle with a common problem: where to exhibit or perform? Traditional spaces such as museums and galleries are reserved for bigger names, and renting a space is not feasible for many. Enter ArtsUp, which connects artists with venue owners. Whether it’s a living room, restaurant, office or even a boat, pop-up events are bringing music and art to unexpected places. Tina Trinh has more.
    Video

    Video With Yosemite as Backdrop, Obama Praises National Parks

    Last month, President Barack Obama and his family visited some of the most beautiful national parks in the U.S. Using the majestic backdrop of a towering waterfall in California's Yosemite National Park, Obama praised the national park system which celebrates its 100th anniversary this year. He talked about the importance of America’s “national treasures” and the need to protect them from climate change and other threats. VOA’s Julie Taboh reports.
    Video

    Video Counter-Islamic State Coalition Plots Next Steps

    As momentum shifts against Islamic State in Iraq, discussions are taking place about the next steps for driving the terrorist group from its final strongholds. Secretary of State John Kerry is hosting a counter-IS meeting at the State Department, a day after defense ministers from more than 30 countries reviewed and agreed upon a course of action. VOA Pentagon correspondent Carla Babb reports.
    Video

    Video Russia's Participation at Brazil Olympic Games Still In Question

    The International Olympic Committee has delayed a decision on whether to ban all Russian teams from competing in next month's Olympic Games in Brazil over allegations of an elaborate doping scheme. The World Anti-Doping Agency recently released an independent report alleging widespread doping by Russian athletes at the 2014 Winter Olympics in Sochi. So far, only Russian track and field athletes have been barred from the Summer Games in Brazil. VOA's Zlatica Hoke has more.
    Video

    Video Scotland’s Booming Whisky Industry Fears Brexit Hangover

    After Britain’s vote to leave the European Union, Scotland’s government wants to break away from the United Kingdom – fearing the nation’s exports are at risk. Among the biggest of these is whisky. Henry Ridgwell reports on a time of turmoil for those involved in the ancient art of distilling Scotland’s most famous product.
    Video

    Video Millennials Could Determine Who Wins Race to White House

    With only four months to go until Americans elect a new president, one group of voters is getting a lot more attention these days: those ages 18 to 35, a generation known as millennials. It’s a demographic that some analysts say could have the power to decide the 2016 election. But a lot depends on whether they actually turn out to vote. VOA’s Alexa Lamanna reports.

    Special Report

    Adrift The Invisible African Diaspora