News / Asia

US-China Cyber Spying Case Turns Spotlight on Shadowy Unit 61398

Part of the building of 'Unit 61398', a secretive Chinese military unit, is seen in the outskirts of Shanghai, Feb. 19, 2013.
Part of the building of 'Unit 61398', a secretive Chinese military unit, is seen in the outskirts of Shanghai, Feb. 19, 2013.
Reuters
A tense stand-off between the United States and China over state-backed cyber espionage has dragged China's secretive hacking unit “61398” back into focus, after the military group was pinpointed last year for mounting cyber attacks on Western commercial targets.
 
U.S. authorities on Monday charged five Chinese military officers at the unit, accusing them of hacking into American nuclear, metal and solar firms to steal trade secrets. China on Tuesday summoned the U.S. ambassador in Beijing and warned it would retaliate if Washington followed through with the charges. It said the affair would damage “mutual trust.”
 
At the center of the argument is a nondescript tower block in the northern suburbs of China's financial capital Shanghai, home to Chinese People's Liberation Army (PLA) Unit 61398.
 
The 12-story block houses as many as several thousand staff, according to Mandiant, a U.S. cyber security firm recently acquired by global network security company FireEye Inc. Mandiant identified the location as the source of a large number of espionage operations in a 70-page report last year.
 
“This unit is one of the most prolific. The group is really active and very aggressive,” said Pierluigi Paganini, a cyber security expert and founder of Security Affairs, based in Italy.
 
Unit 61398's Shanghai base is kitted out with specialist fiber optic lines, while staff are trained in areas from English linguistics to covert communications, network security and cyber attack strategy, according to the Mandiant report.
 
The unit's operatives, working under code names such as “UglyGorilla”, “DOTA” and “SuperHard”, also have close research and recruitment ties with China's leading academic centers such as the prestigious Shanghai Jiaotong University.
 
Publicly available academic reports, school registers, recruitment notices and local online community notice boards show a web of social, educational and academic networks spreading out from the cyber spying unit. Military units in China are often organized in this way with schools, sports clubs and social events organized communally for unit members.
 
Tip of the iceberg

 
However, unit 61398 - more formally known as General Staff Department (GSD), Third Department, Second Bureau - is just one of dozens of similar groups based in China, and far from the foremost, said Mandiant analyst Jen Weedon.
 
“The unit is one of many and its tradecraft is not that great. They are one of the ones that doesn't seem to mind leaving traces behind,” she told Reuters.
 
The unit, which started operating in or before 2006, saw activity drop sharply in the wake of the 2013 Mandiant report, but has since returned to “business as usual” after it overhauled some of its hacking techniques, Weedon added.
 
The new allegations are that Chinese state-owned firms “hired” the unit, which used a range of cyber attack methods to illegally gather corporate information from mostly U.S. firms and help give Chinese companies a competitive edge.
 
The unit “stole sensitive, internal communications”, using tactics such as “spear phishing” emails to gain access to employees' computers, after which it was able to collect internal data, according to the indictment document, posted on the United States Department of Justice website.
 
Federal prosecutors said the suspects targeted companies including Alcoa Inc, Allegheny Technologies Inc., United States Steel Corp, Toshiba Corp unit Westinghouse Electric Co, the U.S. subsidiaries of SolarWorld AG , and a steel workers' union.
 
Unit 61398 - or at least one very much like it - also stole data from at least one U.S. government agency in a hacking campaign named 'Byzantine Candor', according to diplomatic cables released by Wikileaks.
 
“Hackers based in Shanghai and linked to the PRC's People's Liberation Army [PLA] Third Department” stole data from at least one U.S. government agency, according to a leaked 2008 cable.
 
Officials in Washington have argued for years that cyber espionage is a top national security concern, and the battle is heating up. Both sides have ramped up public and private confrontation, including at a summit last year between U.S. President Barack Obama and Chinese President Xi Jinping.
 
China has denied the unit is involved in cyber espionage, and insists the country is more a victim than a perpetrator of cyber attacks.
 
Paganini said he was not surprised at the latest turn of events, which he described as just the “tip of the iceberg”.
 
“I believe there's an ongoing battle in the cyberspace. These countries are investing large amounts in cyber units that are able to create specific malware and have the ability to get into foreign networks and computers to steal trade secrets and intellectual properties,” he said.

You May Like

Video US, Japan Offer Lessons as Eurozone Launches Huge Stimulus

Euro falls after European Central Bank announces a bigger-than-expected $67 billion-a-month quantitative easing program More

Saudi King’s Death Clears Succession Route

Prince Mohammed Bin Nayef is Saudi Arabia's New Crown Prince-in-waiting More

Cloud Hangs Over US Counterterrorism Efforts in Yemen

Sources say resignations of Yemen's president, government has left US anti-terror operations 'paralyzed,' yet an American military 'footprint' remains More

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
Worldwide Photo Workshops Empower Youthi
X
Julie Taboh
January 23, 2015 11:08 PM
Last September, 20 young adults from South Sudan took part in a National Geographic Photo Camp. They are among hundreds of students from around the world who have learned how to use a camera to tell the stories of the people in their communities through the powerful medium of photography. Three camp participants talked about their experiences recently on a visit to Washington. VOA’s Julie Taboh reports.
Video

Video Worldwide Photo Workshops Empower Youth

Last September, 20 young adults from South Sudan took part in a National Geographic Photo Camp. They are among hundreds of students from around the world who have learned how to use a camera to tell the stories of the people in their communities through the powerful medium of photography. Three camp participants talked about their experiences recently on a visit to Washington. VOA’s Julie Taboh reports.
Video

Video US, Japan Offer Lessons as Eurozone Launches Huge Stimulus

The Euro currency has fallen sharply after the European Central Bank announced a bigger-than-expected $67 billion-a-month quantitative easing program Thursday - commonly seen as a form of printing new money. Henry Ridgwell reports for VOA from London on whether the move might rescue the eurozone economy -- and what lessons have been learned from similar programs around the world.
Video

Video Nigerian Elections Pose Concern of Potential Conflict in 'Middle Belt'

Nigeria’s north-central state of Kaduna has long been the site of fighting between Muslims and Christians as well as between people of different ethnic groups. As the February elections approach, community and religious leaders are making plans they hope will keep the streets calm after results are announced. Chris Stein reports from the state capital, Kaduna.
Video

Video As Viewership Drops, Obama Puts His Message on YouTube

Ratings reports show President Obama’s State of the Union address this week drew the lowest number of viewers for this annual speech in 15 years. White House officials anticipated this, and the president has decided to take a non-traditional approach to getting his message out. VOA White House correspondent Luis Ramirez reports.
Video

Video S. Korean Businesses Want to End Trade Restrictions With North

Business leaders in South Korea are calling for President Park Geun-hye to ease trade restrictions with North Korea that were put in place in 2010 after the sinking of a South Korean warship.Pro-business groups argue that expanding trade and investment is not only good for business, it is also good for long-term regional peace and security. VOA’s Brian Padden reports.
Video

Video US Marching Bands Grow Into a Show of Their Own

The 2014 Super Bowl halftime show was the most-watched in history - attracting an estimated 115 million viewers. That event featured pop star Bruno Mars. But the halftime show tradition started with marching bands, which still dominate the entertainment at U.S. high school and college American football games. But as Enming Liu reports in this story narrated by Adrianna Zhang, marching bands have grown into a show of their own.
Video

Video Secular, Religious Kurds Face Off in Southeast Turkey

Turkey’s predominantly Kurdish southeast has been rocked by violence between religious and secular Kurds. Dorian Jones reports on the reasons behind the stand-off from the region's main city of Diyarbakir, which suffered the bloodiest fighting.
Video

Video Kenya: Misuse of Antibiotics Leading to Resistance by Immune System

In Kenya, the rise of drug resistant bacteria could reverse the gains made by medical science over diseases that were once treatable. Kenyans could be at risk of fatalities as a result if the power in antibiotics is not preserved. Lenny Ruvaga has more on the story from Nairobi.
Video

Video Solar-Powered Plane Getting Ready to Circumnavigate Globe

Pilots of the solar plane that already set records flying without a drop of fuel are close to making their first attempt to fly the craft around the globe. They plan to do it in 25 flying days over a five month period. VOA’s George Putic reports.
Video

Video How Experts Decide Ethiopia Has the Best Coffee

Ethiopia’s coffee has been ranked as the best in the world by an international group of coffee connoisseurs. Not surprisingly, coffee is a top export for the country. But at home it is a source of pride. Marthe van der Wolf in Addis Ababa decided to find out what makes the bean and brew so special and how experts make their determinations.
Video

Video Yazidi Refugees at Center of Political Fight Between Turkey, Kurds

The treatment of thousands of Yazidis refugees who fled to Turkey to escape attacks by Islamic State militants has become the center of a dispute between the Turkish government and the country's pro-Kurdish movement. VOA's Dorian Jones reports.
Video

Video World’s Richest 1% Forecast to Own More Than Half of Global Wealth

The combined wealth of the world's richest 1 percent will overtake that of the remaining 99 percent at some point in 2016, according to the anti-poverty charity Oxfam. Campaigners are demanding that policymakers take action to address the widening gap between the ‘haves’ and the ‘have nots’, as Henry Ridgwell reports for VOA from London.

Circumventing Censorship

An Internet Primer for Healthy Web Habits

As surveillance and censoring technologies advance, so, too, do new tools for your computer or mobile device that help protect your privacy and break through Internet censorship.
More

All About America

AppleAndroid