Chicom cyber attack headquarters identified
U.S. military intelligence has identified a headquarters for a Chinese military hacking unit — inside two Beijing hotels.

The US must do a better job of discovering the weaknesses of these operations and finding vulnerable avenues of attack. It needs to move beyond intercepting communications and create the capability of destroying the Chicom cyber operations. To date, there is little indication that the US has such a capacity and if it does that it is willing to use it. It should become a high priority for the Trump administration in rebuilding US military assets.
According to an open-source intelligence report produced by the Army’s Asian Studies Detachment, “the Headquarters/Jintang and Seasons Hotel appear to be located in the same or at least adjacent buildings, both of which are, according to available information, owned by or connected to the People’s Liberation Army 4th Department.”
The Fourth Department, known as 4PLA, until recently was part of the military’s General Staff Department and is also known as the Electronic Countermeasures and Radar Department. The unit was reorganized into a new PLA service called the Strategic Support Force. The role of the department is to conduct offensive electronic warfare and information warfare, including offensive cyberattacks.
Electronic and information warfare are among China’s most secret operations, and the location of the headquarters at the hotels appears to be following the strategic dictum of hiding in plain sight.
The 4PLA is considered one of China’s most threatening spy agencies because of its mandate for high-technology warfare and intelligence-gathering.
Its capabilities extend into space and include disrupting enemy communications, navigation and synthetic aperture radar satellites.
“The 4PLA’s cybermission is first and foremost focused on the disruption and denial of enemy computer networks,” according to testimony by John Costello, a former Navy intelligence official, before the congressional U.S.-China Economic and Security Review Commission.
“The targeting necessary to successfully carry out these missions requires the 4PLA to have a strong network surveillance component,” Mr. Costello added. “This operational targeting in both cyber and electronic domains forms the basis of 4PLA’s role as an intelligence service.”
China’s military units have been blamed for the massive hack of 21.5 million records of federal workers from the Office of Personnel Management networks over the last two years. The Justice Department also indicted five PLA hackers in 2014 for cyberattacks against U.S. companies.
The OPM hack was strategically significant because it allows China’s intelligence services to conduct more targeted technical and human intelligence operations against American government personnel, especially those with access to secret information and those in charge of managing government computer networks.
Chinese military hacking very often involves the use of so-called “spear-phishing” cyberattacks — the use of fraudulent emails to trick unsuspecting computer users into loading malware that allows the penetration of large-scale computer systems.