Cyberwar, Deeper Truth on China’s Unit 61398

The NSA has been hacking China for years, so it is a cyberwar. What United States cyber experts have known since at least 2009 makes clear that there has been no strategy to combat cyber intrusions, much less a declaration that these hacks are an act of war.

The NSA Has A Secret Group Called ‘TAO’ That’s Been Hacking China For 15 Years

China hacking charges: the Chinese army’s Unit 61398
Operating out of a tower block in Shanghai, Unit 61398 allegedly hacks Western companies in support of the Chinese government’s political and economic aims.

From DarkReading:

According to the DOJ indictment, Huang Zhenyu was hired between 2006 and 2009 or later to do programming work for one of the companies (referred to as “SOE-2” in the indictment). Huang was allegedly tasked with constructing a “secret” database to store intelligence about the iron and steel industry, as well as information about US companies.

“Chinese firms hired the same PLA Unit where the defendants worked to provide information technology services,” according to the indictment, which the US Department of Justice unsealed Monday. “For example, one SOE involved in trade litigation against some of the American victims herein hired the Unit, and one of the co-conspirators charged herein, to hold a ‘secret’ database to hold corporate ‘intelligence.’”

The for-hire database project sheds some light on the operations of China’s most prolific hacking unit, Unit 61398 of the Third Department of China’s People’s Liberation Army (also known as APT1), where the alleged hackers work. US Attorney General Eric Holder announced an unprecedented move Monday: The Justice Department had indicted the five men with the military unit for allegedly hacking and stealing trade secrets of major American steel, solar energy, and other manufacturing companies, including Alcoa, Allegheny Technologies Inc., SolarWorld AG, Westinghouse Electric, and US Steel, as well as the United Steel Workers Union.

It has never been a secret; it has only been a topic debated behind closed doors with no resolution. China has a database on Americans and is filling it with ever greater detail, growing its intelligence on everything American.

Examining the order of the hacks of American companies, the timing and the data shows that China has launched a strategic plan. A full report was published on Unit 61398.

New York Times report

Hacked in the U.S.A.: China’s Not-So-Hidden Infiltration Op

From Bloomberg: The vast cyber-attack in Washington began with, of all things, travel reservations.

More than two years ago, troves of personal data were stolen from U.S. travel companies. Hackers subsequently made off with health records at big insurance companies and infiltrated federal computers where they stole personnel records on 21.5 million people — in what apparently is the largest such theft of U.S. government records in history.

Those individual attacks, once believed to be unconnected, now appear to be part of a coordinated campaign by Chinese hackers to collect sensitive details on key people that went on far longer — and burrowed far deeper — than initially thought.

But time and again, U.S. authorities missed clues connecting one incident to the next. Interviews with federal investigators and cybersecurity experts paint a troubling portrait of what many are calling a serious failure of U.S. intelligence agencies to spot the pattern or warn potential victims. Moreover, the problems in Washington add new urgency to calls for vigilance in the private sector.

In revealing the scope of stolen government data on Thursday, Obama administration officials declined to identify a perpetrator. Investigators say the Chinese government was almost certainly behind the effort, an allegation China has vehemently denied.

‘Facebook of Intelligence’

Some investigators suspect the attacks were part of a sweeping campaign to create a database on Americans that could be used to obtain commercial and government secrets.

“China is building the Facebook of human intelligence capabilities,” said Adam Meyers, vice president of intelligence for cybersecurity company CrowdStrike Inc. “This appears to be a real maturity in the way they are using cyber to enable broader intelligence goals.”

The most serious breach of records occurred at the U.S. Office of Personnel Management, where records for every person given a government background check for the past 15 years may have been compromised. The head of the government personnel office, Katherine Archuleta, resigned Friday as lawmakers demanded to know what went wrong.

The campaign began in early 2013 with the travel records, said Laura Galante, manager of threat intelligence for FireEye Inc., a private security company that has been investigating the cyber-attacks.

Stockpiling Records

By mid-2014, it became clear that the hackers were stockpiling health records, Social Security numbers and other personal information on Americans, a departure from the country’s traditional espionage operations focusing on the theft of military and civilian technology.

“There was a clear and apparent shift,” said Jordan Berry, an analyst at FireEye.

Recognition came too late for many of the victims. Vendors of security devices say health-care companies are spending tens of millions of dollars this year to upgrade their computer systems but much of the data is already gone.

U.S. intelligence agencies were collecting information on the theft of personal data but failed to understand the scope and potential damage from the aggressive Chinese operation, according to one person familiar with the government assessment of what went wrong.

In the last two years, much of the attention of U.S. national security agencies was focused on defending against cyber-attacks aimed at disrupting critical infrastructure like power grids.

Denise Simon