March 25, 2013
Elite Chinese University Linked To Secret Military Hacking Unit
Michael Harper for redOrbit.com — Your Universe Online
China's People's Liberation Army (PLA) has recently been accused of hacking into a number of American, Canadian and UK networks. Today, Reuters reported that the PLA may be getting some help in the way of research from faculty members at a top Chinese University.
According to Reuters, freely accessible online papers show that faculty members of Shanghai Jiaotong University have been working with the PLA to publish technical research about network security and intrusion detection. These papers are co-authored by members of PLA's 61398 Unit, the same unit that American research firm Mandiant claims is responsible for more than 100 attacks against the US since 2006. This unit is still considered a state secret in China.
Jiaotong University is considered a center of academic excellence, says Reuters, with ties to many other top schools around the world. This partnership is different from relationships between academic and military entities anywhere else in the world, as professors are often hesitant to gather information or intelligence for a military arm. Though Reuters has found the link between professors and the PLA, they did not find evidence suggesting any of these professors worked with anyone directly involved with the alleged cyber espionage.
"The issue is operational activity — whether these research institutions have been involved in actual intelligence operations," said James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies in an interview with Reuters. "That's something the US does not do."
American professors, claims Lewis, are not accustomed to collaborating with the military in a similar way.
"There's a clear line between an academic researcher and people engaged in operational (intelligence gathering) activities," he said.
All told, Reuters found at least three papers on cyber-warfare which were co-authored by Jiaotong faculty members. These papers are said to be readily available on a Chinese document-sharing website. Each of these papers openly credit PLA Unit 61398 researchers as well as researchers from the Shanghai Jiaotong School of Information Security Engineering (SISE.)
One such paper details how to build a collaborative network monitoring system with which to better identify when an intruder is attempting to break into the network. Reuters claims that PLA researcher Chen Yi-qun worked with SISE's Vice President Xue Zhi to develop this paper. The university's website boasts that Xue Zhi is currently working with the state to help develop an infiltrative cyber-attack platform.
Though Reuters uncovered solid links between the PLA and Jiatong University, some cybersecurity firms have pointed out that these papers only outline the best ways to secure networks and protect themselves from future attacks.
Adam Meyers, the director of intelligence at CrowdStrike in Irvine, California told Reuters that if China is looking for ways to protect itself, it´s probably looking for ways to go on the offensive as well.
"The research seems defensive, but cyber-security research can be dual purposed," said Meyers.
Throughout all the accusations, China has persistently denied launching any cyber attacks, choosing instead to mention that they're often the victims of such attacks.
"The Chinese army has never supported any hacking activity,” insisted China´s Defense Ministry in statement to Reuters last month. “Statements about the Chinese army engaging in cyber attacks are unprofessional and not in line with facts.”