Secret military cyber unit masked activities after exposure
The recent exposure of a secret Chinese military cyber warfare unit has not led to a decrease in cyber espionage against U.S. government and private networks, according a draft congressional China commission report.
Instead, the Chinese military group temporarily limited its large-scale cyber espionage campaign and took steps to mask its activities, according to a forthcoming report by the U.S.-China Economic and Security Review Commission.
The report concludes that the Chinese government is engaged in a concerted campaign of cyber attacks led by a Shanghai-based unit.
China’s cyber spying is designed to gain information for its military programs and civilian enterprises, and also for preparing the military to conduct attacks in a future conflict.
“The Chinese government is directing and executing a large-scale cyber espionage campaign against the United States, and to date has successfully targeted the networks of U.S. government and private organizations, including those of DoD, defense contractors, and private firms,” the report said.
“These activities are designed to achieve a number of broad economic and strategic objectives, such as gathering intelligence, providing Chinese firms with an advantage over its competitors worldwide, advancing long-term research and development objectives, and gaining information that could enable future military operations.”
In February, the private security group Mandiant revealed Unit 61398 of the 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s Third Department. The military unit since 2006 has attacked and penetrated networks of at least 141 organizations located in 15 countries and representing 20 major industries, from information technology to financial services.
After the disclosures, Unit 61398 took steps to make it more difficult to track its cyber strikes. The exposure also led to a temporary decrease in the unit’s attacks for a month.
Currently, cyber spying by Unit 61398 is “as active as it was before Mandiant’s report was released,” the report said.
The Obama administration’s response to Chinese cyber attacks so far was to set up a diplomatic Cyber Working Group between the two countries in April.
However, U.S. efforts to “shame” China into curbing cyber attacks were undermined in May when NSA contractor Edward Snowden disclosed U.S. cyber spying on Chinese networks.
“There is an urgent need for Washington to take action to prompt Beijing to change its approach to cyberspace and deter future Chinese cyber theft,” the report said.
The report said Congress, the administration, and security experts are discussing a series of actions to counter Beijing’s cyber attacks. They include:
– Passing legislation that would allow U.S. companies to conduct retaliatory cyber attacks against China;
– Blocking imports of Chinese goods developed through cyber espionage;
– Increasing information sharing on cyber threats;
– Banning Chinese firms that use stolen U.S. data from accessing U.S. banks;
– Blocking travel to the United States by officials linked to cyber attacks;
– Using special computer code to identify data stolen from U.S. networks that can be used in prosecution or sanctions.
Full article: China Cyber Espionage Grows (Washington Free Beacon)