China’s Two Year Campaign to Hack American UAS Technology

For almost two years, hackers based in Shanghai went after one foreign defence contractor after another, at least 20 in all. Their target, according to an American cybersecurity company that monitored the attacks, was the technology behind the United States’ clear lead in military UAS. A hacking operation run by a unit of the People’s Liberation Army was tracked to this building outside of Shanghai.

“I believe this is the largest campaign we’ve seen that has been focused on UAS technology,” said Darien Kindlund, manager of threat intelligence at the company, FireEye, based in California. “It seems to align pretty well with the focus of the Chinese government to build up their own UAS technology capabilities.”

The hacking operation, conducted by a group called “Comment Crew,” was one of the most recent signs of the ambitions of China’s UAS development programme. The government and military are striving to put China at the forefront of UAS manufacturing, for their own use and for export, and have made an all-out push to gather domestic and international technology to support the programme.

Foreign Ministry officials have said China does not sanction hacking, and is itself a victim, but another American cybersecurity company has tracked members of Comment Crew to a building of the People’s Liberation Army outside Shanghai.

China is now dispatching its own UAS into potential combat arenas. Every major arms manufacturer in China has a research center devoted to UAS, according to Chinese and foreign military analysts. Those companies have shown off dozens of models to potential foreign buyers at international air shows.

Military analysts say China has long tried to replicate foreign UAS designs. Some Chinese UAS appearing at recent air shows have closely resembled foreign ones. Ian M. Easton, a military analyst at the Project 2049 Institute in Virginia, said cyberespionage was one tool in an extensive effort over years to purchase or develop UAS domestically using all available technology, foreign and domestic.

Chinese engineers and officials have done reverse engineering, studied open source material and debriefed American experts who attend conferences and other meetings in China. “This can save them years of design work and mistakes,” Mr. Easton said.

The Chinese military has not released statistics on the size of its UAS fleet, but a Taiwan Defense Ministry report said that as of mid-2011, the Chinese Air Force alone had more than 280 UAS units, and analysts say the other branches have thousands, which means China’s fleet count is second only to the 7,000 or so of the United States. “The military significance of China’s move into unmanned systems is alarming,” said a 2012 report by the Defense Science Board, a Pentagon advisory committee.

University research centers are at the core of China’s UAS programme. The oldest research and production center for drones is the Northwestern Polytechnical University in Xi’an, where design work began in 1958. The ASN Technology Group, linked to the school, said on its Web site that it produces 90 percent of Chinese UAS.

At the programme’s start, China reverse-engineered drones it had acquired from the Soviet Union in the 1950s. It also got its hands on American UAS that crashed in Vietnam in the 1960s and in China while monitoring China’s nuclear weapons programme. China bought 100 Harpy armed drones from Israel in the 1990s — its only significant purchase of foreign-made drones — and the Pentagon later pressured Israel not to upgrade those drones for China.

In recent years, China has continued to acquire foreign UAS technology and is especially focused on studying American models. “American UAS technology is very sophisticated,” Mr. Xu said. “We can only envy their technology. Right now, we’re learning from them.”

For the Obama administration and American business executives, no method of Chinese technology acquisition is more worrisome than cyberespionage. An American official confirmed that UAS technology had been stolen by hackers.

FireEye, the cybersecurity company in California, called the UAS theft campaign Operation Beebus, traced back to a command-and-control node at bee.businessconsults.net. Cybersecurity experts say that general address and tools linked to it are associated with the Comment Crew, the Chinese hacker unit that Mandiant, another cybersecurity company, discussed in a report in February. Mandiant said the group was part of Unit 61398 of the People’s Liberation Army, based in Shanghai.

Though the initial victims in Operation Beebus were large defence contractors, the hackers began to pick out companies that specialized in UAS technology, said Mr. Kindlund, FireEye’s threat intelligence manager. They then alternated between large companies that made a wide range of military technology and boutique firms that focused on UAS.

Photo: A hacking operation run by a unit of the People’s Liberation Army was tracked to this building outside of Shanghai – Associated Press

Source: New York Times

Leave a Reply

Your email address will not be published. Required fields are marked *