A Pentagon official said the carefully choreographed military parade through Beijing’s Tiananmen was notable for the weapons that were not shown. They include China’s growing cadre of cyber warfare forces; its ground launched anti-satellite missiles and its new ultra-high-speed maneuvering hypersonic glide vehicle, known as the DF-ZF.
All three programs remain tightly guarded secrets for the Chinese government and details about them are unlikely to be made public any time soon. Continue reading
Hong Kong, Nov. 17 (CNA) The People’s Liberation Army (PLA) has established a large-scale signals and information monitoring facility in Hong Kong similar to the U.S. PRISM monitoring program, according to the Canada-based Kanwa Information Center.
In a report obtained by CNA, Kanwa, which publishes a monthly magazine on Asian defense issues, said that intelligence experts have made the findings after observing the facility from the top of Tai Mo Shan, the highest mountain in Hong Kong with a altitude of 950 meters. Continue reading
A coalition of security researchers has identified a Chinese cyberespionage group that appears to be the most sophisticated of any publicly known Chinese hacker unit and targets not only U.S. and Western government agencies but also dissidents inside and outside China.
…
In a report to be issued Tuesday, the researchers said Axiom is going after intelligence benefiting Chinese domestic and international policies — an across-the-waterfront approach that combines commercial cyberespionage, foreign intelligence and counterintelligence with the monitoring of dissidents.
Axiom’s work, the FBI said in an industry alert this month, is more sophisticated than that of Unit 61398, a People’s Liberation Army hacker unit that was highlighted in a report last year. Five of the unit’s members were indicted this year by a U.S. grand jury. The researchers concur with the FBI’s conclusion, noting that, unlike Unit 61398, Axiom is focused on spying on dissidents as well as on industrial espionage and theft of intellectual property.
THE US has charged five members of a shadowy Chinese military unit for allegedly hacking US companies for trade secrets, infuriating Beijing which suspended cooperation on cyber issues.
Hacking has long been a major sticking point in relations between the world’s two largest economies, but Washington’s move marks a major escalation in the dispute.
In the first-ever prosecution of state actors over cyber-espionage, a federal grand jury overnight indicted the five on charges they broke into US computers to benefit Chinese state-owned companies, leading to job losses in the United States in steel, solar and other industries. Continue reading
Secret military cyber unit masked activities after exposure
The recent exposure of a secret Chinese military cyber warfare unit has not led to a decrease in cyber espionage against U.S. government and private networks, according a draft congressional China commission report.
Instead, the Chinese military group temporarily limited its large-scale cyber espionage campaign and took steps to mask its activities, according to a forthcoming report by the U.S.-China Economic and Security Review Commission.
The report concludes that the Chinese government is engaged in a concerted campaign of cyber attacks led by a Shanghai-based unit. Continue reading
China’s military is preparing for war in cyberspace involving space attacks on satellites and the use of both military and civilian personnel for a digital “people’s war,” according to an internal Chinese defense report.
“As cyber technology continues to develop, cyber warfare has quietly begun,” the report concludes, noting that the ability to wage cyber war in space is vital for China’s military modernization. Continue reading
For further information on SCADAs, please see the following Global Geopolitics entries that were ahead of the curve:
“Red Dragon Rising: Communist China’s Military Threat to America” from 1999 is a highly recommended read. The United States is in more vulnerable than most people know, and longer than most people would have thought.
Cyberspies linked to China’s military targeted nearly two dozen US natural gas pipeline operators over a recent six-month period, stealing information that could be used to sabotage US gas pipelines, according to a restricted US government report and a source familiar with the government investigation.
From December 2011 through June 2012, cyberspies targeted 23 gas pipeline companies with e-mails crafted to deceive key personnel into clicking on malicious links or file attachments that let the attackers slip into company networks, says the Department of Homeland Security (DHS) report.
The report does not mention China, but the digital signatures of the attacks have been identified by independent cybersecurity researchers as belonging to a particular espionage group recently linked to China’s military.
The confluence of these factors – along with the sensitive operational and technical details that were stolen – make the cyberbreaches perhaps among the most serious so far, some experts say. The stolen information could give an adversary all the insider knowledge necessary to blow up not just a few compressor stations but perhaps many of them simultaneously, effectively holding the nation’s gas infrastructure hostage. Nearly 30 percent of the nation’s power grid now relies on natural gas generation.
“This theft of key information is about hearing the footsteps get closer and closer,” says William Rush, a retired scientist formerly with the Gas Technology Institute who chaired the effort to create a cybersecurity standard applicable to the gas pipeline industry.
“Anyone can blow up a gas pipeline with dynamite. But with this stolen information, if I wanted to blow up not one, but 1,000 compressor stations, I could,” he adds. “I could put the attack vectors in place, let them sit there for years, and set them all off at the same time. I don’t have to worry about getting people physically in place to do the job, I just pull the trigger with one mouse click.” Continue reading
Headquarters building of PLA Unit 61398
On the outskirts of Shanghai, in a run-down neighborhood dominated by a 12-story white office tower, sits a People’s Liberation Army base for China’s growing corps of cyberwarriors.
The building off Datong Road, surrounded by restaurants, massage parlors and a wine importer, is the headquarters of P.L.A. Unit 61398. A growing body of digital forensic evidence — confirmed by American intelligence officials who say they have tapped into the activity of the army unit for years — leaves little doubt that an overwhelming percentage of the attacks on American corporations, organizations and government agencies originate in and around the white tower.
An unusually detailed 60-page study, to be released Tuesday by Mandiant, an American computer security firm, tracks for the first time individual members of the most sophisticated of the Chinese hacking groups — known to many of its victims in the United States as “Comment Crew” or “Shanghai Group” — to the doorstep of the military unit’s headquarters. The firm was not able to place the hackers inside the 12-story building, but makes a case there is no other plausible explanation for why so many attacks come out of one comparatively small area. Continue reading
Global Geopolitics 