CHINA TOPIX

03/29/2024 01:11:34 am

Make CT Your Homepage

China State Hackers Try and Fail to Steal Secrets from US Aircraft Carrier Patrolling South China Sea

They don't stop

(Photo : FBI) Chinese military hackers wanted by the US since 2014.

It's been revealed that China's most notorious group of state-sponsored cyber criminals tried and failed to gain access to the classified information aboard the U.S. Navy nuclear aircraft carrier USS Ronald Reagan (CVN-76) as this was patrolling the disputed South China Sea last July.

Like Us on Facebook

The cyberattack on the computer system of the Reagan occurred July 11, the day before the Permanent Court of Arbitration in The Hague ruled as illegal China's nine-dash line and, hence, China's claim to own most of the South China Sea.

The Chinese hackers sent an infected document resembling an official message to foreign government officials visiting the Reagan. The message contained the Enfal malware designed to penetrate security systems and collect information on U.S. Navy maneuvers and policies. This type of malware can also download additional viruses.

The U.S. Navy said that the hackers were unsuccessful and that Reagan's classified information wasn't compromised by the attack.

Western analysts believe a complicated hack of this type on a moving U.S. Navy warship hundreds of kilometers from mainland China could only have been carried out by a Chinese government state-sponsored hacking group with access to military communications.

Suspicion at once fell on PLA Unit 61398, the cover name for a People's Liberation Army (PLA) advanced persistent threat unit based in Shanghai that's been the center of Chinese computer hacking attacks against the U.S. government and military.

PLA Unit 61398 operates under the 2nd Bureau of the People's Liberation Army General Staff Department Third Department.

On May 19, 2014, the U.S. government indicted five PLA officers of PLA Unit 61398 on charges of theft of confidential business information and intellectual property from U.S. commercial firms and of planting malware on their computers.

The five are Huang Zhenyu;  Wen Xinyu;  Sun Kailiang; Gu Chunhui and Wang Dong.

FireEye, a US cyber security business, claims the China-based group behind the attack in the past tried to compromise other U.S. and Vietnamese defense systems.

Real Time Analytics