Chinese military hackers target space industry

Jun 10, 2014
Pedestrians walk past the skyline of the city's financial district in Shanghai on October 8, 2010

A Chinese military unit has run a hacking campaign that includes sending bogus email in a bid to intercept Western satellite communications and aerospace secrets, a US security firm said.

The report by the California-based firm Crowdstrike points to broader hacking by China weeks after the United States for the first time filed charges against Chinese military officers over alleged cyber-espionage.

Dubbed "Putter Panda" for its focus on the golf-playing set, the Shanghai-based unit is a "determined adversary group" that has operated since at least 2007 by sending email attacks that target Microsoft Outlook, Adobe Reader and other common software, Crowdstrike said.

Putter Panda's strategy includes sending email from innocuous-looking addresses—mike.johnson_mj@yahoo.com was one example—and offering fake invitations in hopes that users will click and unwittingly give hackers access to their computer systems.

One attachment sent to workers at the Toulouse Space Center in France was a false brochure for a local yoga studio, promoting "a universal method to better know yourself, the universe and the gods, as recommended by Socrates."

Crowdstrike, in the report released Monday, said that Putter Panda appears bent on "obtaining intellectual property and industrial secrets related to defense technology" with an intent to "conduct space surveillance, remote sensing and interception of ."

Putter Panda "is likely to continue to aggressively target Western entities that hold valuable information or intellectual property relevant to these interests," it said.

Crowdstrike linked email addresses associated with Putter Panda to a personal blog of a 35-year-old named Chen Ping. On the blog, he said he works for the "military/police" and posted pictures that appear to show him exercising in front of soldiers and wearing army-style khaki as he drunkenly celebrated a birthday.

Crowdstrike linked Putter Panda with the People's Liberation Army's Unit 61486 in a high-rise building in Shanghai's northern Zhabei district.

The group is in addition to the already-known Unit 61398. A report last year by another , Mandiant, said that Unit 61398 employed thousands of workers in a 12-story building near Shanghai who pilfered and government secrets overseas.

A US grand jury last month indicted five officers from Unit 61398 for allegedly breaking into US computers to benefit Chinese state-owned companies, leading to US job losses in the steel, solar and other industries.

China summoned the US ambassador to protest and suspended cooperation on cyber issues. China accused the United States of hypocrisy as Washington conducts sweeping surveillance around the world, as revealed by former contractor Edward Snowden.

Explore further: US files first charges on hacking, infuriating China (Update)

add to favorites email to friend print save as pdf

Related Stories

China calls on US to stop 'unscrupulous' spying

May 27, 2014

China called for a halt Tuesday to what it called unscrupulous U.S. cyberspying, saying that a monthslong investigation into reports on the "ugly face" of U.S. espionage has concluded that China is a major target of those ...

China military rejects hacking allegations

Feb 20, 2013

China's defence ministry Wednesday rebuffed a report linking its People's Liberation Army to sophisticated cyberattacks on US firms, saying there was no internationally agreed definition of hacking.

Administration developing penalties for cybertheft

Feb 20, 2013

Evidence of an unrelenting campaign of cyberstealing linked to the Chinese government is prompting the Obama administration to develop more aggressive responses to the theft of U.S. government data and corporate ...

Recommended for you

Sony hacking fallout puts all companies on alert

10 hours ago

Companies across the globe are on high alert to tighten up network security to avoid being the next company brought to its knees by hackers like those that executed the dramatic cyberattack against Sony Pictures ...

Timeline of the Sony Pictures Entertainment hack

12 hours ago

It's been four weeks since hackers calling themselves Guardians of Peace began their cyberterrorism campaign against Sony Pictures Entertainment. In that time thousands of executive emails and other documents ...

Files of more than 40,000 federal workers breached (Update)

13 hours ago

The computer files of more than 40,000 federal workers may have been compromised by a cyberattack at federal contractor KeyPoint Government Solutions, the second breach this year at a major firm handling national security ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.