Since quite some time that security experts sustain that China has one of the most advanced cyber army that is responsible for carried some of the highest profile cyber-attacks, but the Government of Beijing China always denied any involvement. In 2013, The Mandiant Intelligence Center released a shocking report that revealed an enterprise-scale computer espionage campaign dubbed APT1. The evidences collected by the security experts link APT1 to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Cover Designator 61398), according to the experts the operations started in 2006 and targeted 141 victims across multiple industries.
In the last edition of PLA publication titled “The Science of Military Strategy”, China reveals that has capabilities and explicitly refers a “specialized units devoted to wage war on computer networks.”
The expert Joe McReynolds told to the TheDailyBeast that this it’s a judge change in China posture respect the past:
“he first time they’ve come out and said, ‘Yes, we do in fact have network attack forces, and we have teams on both the military and civilian-government sides,’” reports McReynolds .
The document also confirms the existence of internal law enforcement and intelligence agencies, the China’s equivalents of the CIA and the FBI.
Of course the public admission of the cyber army made by the government has political and diplomatic implications on the relationship with other governments, in particular with the United States.
“It means that the Chinese have discarded their fig leaf of quasi-plausible deniability,” McReynolds said. “As recently as 2013, official PLA [People’s Liberation Army] publications have issued blanket denials such as, ‘The Chinese military has never supported any hacker attack or hacking activities.’ They can’t make that claim anymore.”
McReynolds said that China divided its Cyber army in 3 sub-groups:
All the above groups are engaged in hacking campaign, security speculate their involvement in cyber espionage operations operated against private companies to steal intellectual property and sensitive data.
“It means that the Chinese have discarded their fig leaf of quasi-plausible deniability,” McReynolds said. “As recently as 2013, official PLA [People’s Liberation Army] publications have issued blanket denials such as, ‘The Chinese military has never supported any hacker attack or hacking activities.’ They can’t make that claim anymore.“
McReynolds continues and says:
“With the Chinese now explicitly acknowledging that the [ministry] has network warfare forces stationed within it, the United States and other targets of Chinese state-sponsored hacking will have to weigh carefully whether cooperation with the MPS on cybercrime is worth the risks,”
I contacted Bill Hagestad II, one of the most important Internationally cyber-intelligence & counter-intelligence professional, for a comment:
“The news is nothing new…albeit great that Chinese Hacking & the PLA is making the headlines, it is mere sensationalism and self-promotion – not really contributing anything new to the study of Chinese Military Cyber Doctrine Development.” Hagestad said. “Theories about Chinese military use of computers as a weapon system began some would argue with Major General Wang Pu Feng in 1995”
The complete interview that will be available in the next post.
About the Author Elsio Pinto
with Pierluigi Paganini
(Security Affairs – China, Information warfare)