A Thread on Chinese Cyberwarfare

China is both the world's second-largest economy and a nuclear weapons state with the world's second-largest defense budget. Chinese Information Operations and Information Warfare includes the concept of “network warfare”, which is roughly analogous to the United States concept of cyberwarfare. Foreign Policy magazine provided an estimated range for China's "hacker army" personnel, anywhere from 50,000 to 100,000 individuals.
Western countries have long accused China of aggressive espionage, and while investigations have traced various attacks on corporate and infrastructure computer systems to China, "it is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace." China has denied these accusations of cyberwarfare and has accused the United States of engaging in cyberwarfare against China, a claim denied by the US government.
While some details remain unconfirmed, it is understood that China organizes its resources as follows:
• Specialized military network warfare forces conducting network attack and defense.

• The People’s Liberation Army (PLA) authorized forces with network warfare specialists in the Ministry of State Security (MSS) and the Ministry of Public Security (MPS).
• Non-governmental forces including civilian and student groups spontaneously engaging in network attack and defense.

In response to claims that Chinese universities, businesses, and politicians have been subject to cyberespionage by the National Security Agency since 2009 (USCYBERCOM conducts US cyberoperations, not NSA), the PLA announced in May 2011 the formation of a cyber security squad to defend Chinese networks.
The People's Liberation Army Unit 61398, aka “APT 1,” “Comment Crew,” “Comment Panda,” “GIF89a,” is the Military Unit Cover Designator of the PLA advanced persistent threat unit alleged to be a source of Chinese computer hacking attacks. The unit is stationed in Pudong, Shanghai. On 19 May 2014, the DOJ announced that a Federal grand jury had returned an indictment of five Unit 61398 officers on charges of theft of confidential business information and intellectual property from US commercial firms and of planting malware on US computers. The five are Gu Chunhui, Huang Zhenyu, Sun Kailiang, Wang Dong, and Wen Xinyu. Forensic evidence traces the base of operations to a 12-story building off Datong Road in a public, mixed-use area of Pudong in Shanghai. The US Intelligence Community is said to have named the group in 2002, “Byzantine Candor.”
A report by a computer security firm states that PLA Unit 61398 is believed to operate under the 2nd Bureau of the People's Liberation Army General Staff Department (GSD) Third Department. The GSD was the command and headquarters for the People's Liberation Army (PLA), overseeing operations, command, recruitment, mobilization, formation, training and administration until 2016, when the GSD was disbanded as part of the January 2016 military reform and its operations were consolidated into the Joint Staff Department of the Central Military Commission.
The General Staff Bureaus are:

• Combat Operations Command
• Combat Communications
• Military Intelligence
• Mobilization
• Electronic Warfare
• Foreign Relations
• Management

The Third Department of the Joint Staff Department is responsible for monitoring telecommunications of foreign armies and producing finished intelligence based on information collected. The communications stations are not subject to the jurisdiction of the provincial military district or the major theater command where they are based. Communications stations are entirely under the authority of the Third Department and have no affiliation with the provincial military district or military region where the stations are based. Personnel, budget, and establishment of these stations are entirely under the jurisdiction of the Third Department and unrelated to local troops.
China maintains the most extensive SIGINT network of all the countries in the Asia-Pacific region. By the late 1990s, Chinese SIGINT systems included ground stations, ships, truck-mounted systems, and airborne systems. Third Department headquarters is in the hills northwest of the Summer Palace and has ≈20,000 personnel, most of them linguists. The Foreign Language Institute at Luoyang is responsible for training foreign language officers for monitoring of foreign military intelligence. The Central Military Commission and Joint Staff Headquarters command all military communications stations in China, ensuring interception of both enemy radio communications and all major military region, provincial military district, and group army wire/wireless communications. China has additional capabilities in the Ministry of State Security (MSS).
China directs SIGINT activities regionally rather than globally. China is thought to target Russia, Japan, Taiwan, Southeast Asia and India, and domestic communications. The largest stations are on the northwest outskirts of Beijing, and near Lake Kinghathu. SIGINT sites are believed to be at Jilemutu, Jixi, Erlian, Hami, Xinjiang, Qitai, Korla, Chengdu, Dayi, Shenyang, Jinan, Nanjing, Shanghai, and in the Fujian and Guangdong military districts opposite Taiwan. There is a naval SIGINT facility on Hainan Island monitoring the South China Sea, and ground station targeting US and Russian satellites. China also has ≈10 ELINT and COMINT auxiliary ships and aircraft platforms based with the South Sea Fleet headquarters at Zhanjiang.
The GSD Third Department contains an entity known as APT1, believed to have attacked a broad range of corporations and government entities around the world as early as 2006. APT1 is thought to consist of four large networks in Shanghai, two of which serve the Pudong New Area. It is one of more than 20 APT groups with origins in China. The Third and Fourth Departments, responsible for electronic warfare, are believed to comprise the PLA units mainly responsible for infiltrating and manipulating computer networks.

//END Part 1//

cc: @STUinSD
You can follow @DeMelaatse.