US authorities have indicted five Chinese military officers with cyber espionage charges yesterday for allegedly targeting American companies and stealing information for commercial advantage.
In the country’s first ever hacking case brought against individuals working for the government, it is said that the hackers targeted nuclear power plants, metals and solar products industries to steal information for Chinese competitors.
Yesterday, US attorney general John Carlin said: "We allege that members of unit 61398 conspired to hack into computers of six US victims to steal information that would provide an economic advantage to the victims’ competitors, including Chinese state-owned enterprises."
The indictment referenced Chinese Army officers Gu Chunhui, Wang Dong, Sun Kailiang, Wen Xinyu, and Huang Zhenyu, The five men are members of a military arm called Unit 61398.
"In the past, when we brought concerns such as these to Chinese government officials, they responded by publicly challenging us to provide hard evidence of their hacking that could stand up in court. Well today, we are," said Carlin.
China has responded the allegations, denying the charges and calling them "purely ungrounded and absurd."
"This U.S. move, which is based on fabricated facts, grossly violates the basic norms governing international relations and jeopardizes China-U.S. cooperation and mutual trust," said Foreign Ministry Spokesperson Qin Gang. "The Chinese government, the Chinese military and their relevant personnel have never engaged or participated in cyber theft of trade secrets.
"It is a fact known to all that relevant U.S. institutions have long been involved in large-scale and organized cyber theft as well as wiretapping and surveillance activities against foreign political leaders, companies and individuals," he said.
"China is a victim of severe U.S. cyber theft, wiretapping and surveillance activities."
However, Bob West, chief trust officer at US cloud security firm CipherCloud, said: "The US government is toughening up its language against nation-state and industrial cyber-espionage. We’re calling out the Chinese government for its role fostering theft of American intellectual property and doing it by naming specific hackers with military ties.
"The US government isn’t trying to provide the private sector with competitive advantage, which is clearly the case with China’s spying activities."
What is Unit 61398?
Unit 61398 is a mysterious division of the Chinese military, and rumoured responsible for many cyber attacks against Western businesses.
The unit is housed in a 12-storey building near Shanghai, and is beloieved to be made up of thousands of cyber troops that follow command of the People’s Liberation Army.
Jen Weedon, threat intelligence manager at FireEye, a US cybersecurity firm, said that China is unique in that it uses its military to gain commercial advantages over foreign competitors.
"What makes Unit 61398 stand out is that it is operating under government orders but carrying out espionage for corporate reasons," she said.
Who are the alleged hackers?
Wang Dong, known by his online pseudonym Ugly Gorilla, has been active on Chinese military forums since 2004. In 2013, security firm Mandiant tracked an online user going by the name of UglyGorilla and traced his IP address to the Shanghai base of Unit 61398.
Wang is alleged to have controlled victims’ computers.
Sun Kailiang, who went by the name of Jack Sun, held the rank of captain during the early stages of the investigation, and was caught both sending malicious e-mails and controlling victim computers.
WinXYHappy, also known as Wen Zinyu, allegedly controlled victims’ computers.
Huang Zhenyu, going by the online persona of Hzy_lhx, was a computer programmer who managed the domain accounts of the other hackers in the group.
Gu Chunhui, aka KandyGoo, tested malicious e-mail messages and also managed the domain accounts used by the others.