by Staff Writers
Moscow, Russia (SPX) Jun 11, 2014
A shadowy hacking group believed to be affiliated with the Chinese military has spent years infiltrating the American aerospace industry and US trading partners in the space industry, a US cybersecurity company said Monday.
Officials from CrowdStrike accused the Shanghai-based unit 61486 of the People's Liberation Army 12th bureau of attacking American and other western networks in cyber-assaults that date back at least as far as to 2007. The space, aerospace and communications sectors were targeted via "popular productivity applications such as Adobe Reader and Microsoft Office to deploy custom malware through targeted email attacks," CrowdStrike said, according to a Reuters report.
A full list of accusations, including phishing emails and Trojan horse documents were outlined in a 62-page report published Monday by CrowdStrike, which conducts forensic investigations for customers who have endured invasive security breaches.
When a target downloads or clicks on a certain document, for instance, they could find their entire computer taken over. The hackers then use that power to steal housing blueprints, consumer lists, servers, and other sensitive data, Ars Technica reported.
The group in question is unofficially known as Putter Panda.
"Putter Panda is a determined adversary group, conducting intelligence-gqathering operations targeting the Government, Defense, Research, and Technology sectors in the United States, with specific targeting of the US Defense and European satellite and aerospace industries," the researchers wrote.
"The PLA's GSD Third Department is generally acknowledged to be China's premier Signals Intelligence (SIGINT) collection and analysis agency, and the 12th Bureau Unit 61486, headquartered in Shanghai, supports China's space surveillance network."
CrowdStrike's report, which the company said it is publishing to show how deeply the problem is entrenched, comes less than three weeks after the US Justice Department, in a surprise move, unsealed indictments against five members of a People's Liberation Army hacker unit that allegedly stole trade secrets from the US.
Chinese officials denied that the Justice Department's assertions had any legitimacy, in part because the US National Security agency has launched so many attacks of its own.
"For a long time, governments and enterprises of a few countries have gathered sensitive information on a large scale," Jiang Jun, a spokesman for the state Internet Information Office, told state-controlled Xinhua News Agency, "taking advantage of their monopoly in the market and technological edge. They not only seriously undermine the interests of their clients but also threaten cyber security of other countries."
That response prompted CrowdStrike's co-founder Dmitri Alperovitch to consult with US intelligence and Justice Department officials, who said he authorized the report's disclosure Monday.
"After the Chinese response, where they basically said this is all fabricated, we said why don't we unleash something that's undeniable," Alperovitch told Reuters.
Cyberwar - Internet Security News - Systems and Policy Issues
|The content herein, unless otherwise known to be public domain, are Copyright 1995-2014 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement All images and articles appearing on Space Media Network have been edited or digitally altered in some way. Any requests to remove copyright material will be acted upon in a timely and appropriate manner. Any attempt to extort money from Space Media Network will be ignored and reported to Australian Law Enforcement Agencies as a potential case of financial fraud involving the use of a telephonic carriage device or postal service.|