Security researchers have release a detailed report implicating a Chinese military unit (PDF) in the targeting of government and defense sectors in the United States and Europe in an espionage campaign seeking to expose space, aerospace, and communications technology.
Unit 61398 of the Chinese People’s Liberation Army (PLA), dubbed Putter Panda, is believed to have been actively hacking into the systems of targeted companies in order to exfiltrate intellectual property and trade secrets primarily related to the satellite, aerospace and communication industries.
“We see firsthand what is happening in the trenches when we respond to large breaches during our incident response investigations. We see the massive amount of intellectual property that is being sucked out by the truckload, and we are tired of the continual denials,” said CrowdStrike’s George Kurtz of the motivation to release the report publicly.
“Most executives and boards of directors have no idea just what damage is being done to their corporations. We would love to see the US Government add yet another face to the FBI’s most wanted list.”
The report comes on the heels of the U.S. Department of Justice indicting of five Chinese military officials for criminal hacking, economic espionage and other offenses committed from 2006 to 2014 targeting organizations in the nuclear power, metals and solar products industries in the first case ever where criminal charges have been filed against state-actors.
The indictment alleged that the five members of the PLA gained unauthorized access to systems belonging to Westinghouse Electric, Alcoa, Allegheny Technologies Incorporated, U.S. Steel, the United Steelworkers Union and SolarWorld in an effort to steal proprietary intellectual property in order to gain a competitive economic advantage for Chinese firms.
In response to the indictments, China is alleged that over the last two months, the United States compromised more than one million Chinese computers by way of phishing operations, and stole proprietary trade secrets.
“As I continue to say, what we see in the media is only the tip of the iceberg. While I don’t mind a good round of rhetoric from any nation state, these comments were a little over the top. China, I get you have to deny these sorts of things, but hey, we caught you red-handed on this one,” Kurtz said.
“Attribution itself is important, not only to governments that want to use law-enforcement or diplomatic powers to put pressure on actors to behave responsibly, but also to provide contextual information about who is attacking your corporation. If you are in the satellite or aerospace industry, you definitely want to spend some time reading this report very closely and learning about the tradecraft and techniques of this adversary.”
Read More Here…