News Column

Hackers tied to China may have targeted US-European industry

June 10, 2014

Bloomberg News

Washington: A second hacking group linked to China's People's Liberation Army may (PLA) have targeted United States defence and European satellite and aerospace industries since 2007, according to network security company CrowdStrike.

The group, known as Putter Panda, "is believed to hack into victim companies throughout the world in order to steal corporate trade secrets, primarily relating to the satellite, aerospace and communication industries," according to an undated report from the company.

The hacking unit is likely part of the 12th Bureau of the PLA's 3rd General Staff Department based in Shanghai, CrowdStrike said, identifying Chen Ping, also known as cpyy, as responsible for registering the command and control needed to run the malware used in the attacks. The US Department of Justice last month charged five Chinese military officials from another PLA unit with stealing US trade secrets. It declined to comment on CrowdStrike's report.

"When you look at the patent denials that came back from the Chinese government that they don't engage in theft of trade secrets, it's just false," George Kurtz, CrowdStrike's co-founder and chief executive officer, said in a phone interview. "It's not just limited to this group. It's a much broader problem."

Playing victim

China dismissed the new allegations and accused the US of routinely engaging in cyber espionage. "America should stop playing victim because America is the No. 1 hacking empire in the world," Foreign Ministry spokeswoman Hua Chunying told journalists today in Beijing.

"Instead of reflecting on its own mistakes, the American side has intensified its behavior. I don't think this is very constructive."

The US indictment against officials from Unit 61398 led China to suspend its involvement in a cybersecurity working group and drew formal protests from the ministries of defense and foreign affairs. China has also threatened retaliation.

China'sDefence Ministry spokesman Geng Yansheng said in response to the indictment that the Chinese government, military and relevant personnel have never engaged or participated in cyber theft of trade secrets. The U.S. should explain its cyber-theft and surveillance activities against China, Geng said on May 20.

Tracking for years

The CrowdStrike report isn't likely to produce as aggressive a reaction from Chinese authorities as the indictment, Zhan Jiang, a professor of journalism at Beijing Foreign Studies University, said today.

CrowdStrike was tracking the hacking group for several years and decided after the indictment of the Chinese officers to publish a report on their findings, to call attention to the breadth of the military's actions, said Kurtz.

Some hackers were identified from clues they left inside their attack code.

For more stories covering the world of technology, please see HispanicBusiness' Tech Channel

Source: Times of Oman

Story Tools Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters