US Experts On Iraq Being Targeted By Chinese Hackers
July 8, 2014

US Experts On Iraq Being Targeted By Chinese Hackers

Peter Suciu for - Your Universe Online

Chinese hackers, believed to be associated with the Chinese government in Beijing, have reportedly changed their targets and have begun to breach computers belonging to experts in Iraq. These hackers, who were identified earlier this year by CrowdStrike as "Deep Panda" and its sister unit "Putter Panda" and working for the People's Liberation Army 3rd Department 12th Bureau Unit 61486, had been targeting US experts on Asian geopolitical matters, but have now turned their attention to breaching computers belonging to experts in the Middle East – specifically Iraq – as the region destabilizes.

CrowdStrike has reported that this group is one of the most sophisticated of the 30 it tracks in China, and suggested that its operations are better hidden than other groups attributed or connected to military and government units. The security research firm believes that the group works directly for, and may be actually funded by the Chinese government.

"It's an intelligence operation, with a very far and wide collection mission to keep policy makers in China informed," Adam Meyers, vice president of intelligence at CrowdStrike, told Computer World.

The shift in what Deep Panda may have been targeting came about on June 18, the day that the Islamic State of Iraq and Syria (ISIS) began its attack on Iraq's strategically important oil refinery in Baiji, which is about 155 miles north of Baghdad.

The reasoning could be that China, which remains one of the largest foreign investors in Iraqi oil fields, draws about 10 percent of its oil from the country.

"This actor, who was engaged in targeting and collection of Southeast Asia policy information, suddenly began targeting individuals with a tie to Iraq/Middle East issues," Dmitri Alperovitch, co-founder and CTO at CrowdStrike, in an official blog post on Monday. "This is undoubtedly related to the recent Islamic State of Iraq and the Levant (ISIS) takeover of major parts of Iraq and the potential disruption for major Chinese oil interests in that country. In fact, Iraq happens to be the fifth-largest source of crude oil imports for China and the country is the largest foreign investor in Iraq’s oil sector. Thus, it wouldn't be surprising if the Chinese government is highly interested in getting a better sense of the possibility of deeper U.S. military involvement that could help protect the Chinese oil infrastructure in Iraq. In fact, the shift in targeting of Iraq policy individuals occurred on June 18, the day that ISIS began its attack on the Baiji oil refinery."

The Chinese hackers' switch in targets could be a way for the Chinese government to know what American policy makers thought was happening in Iraq and whether the US government would consider military actions that might stabilize the situation in the region.

Last month President Barrack Obama ordered the sending of several hundred military advisors to Iraq.

While CrowdStrike has suggested the ties between Deep Panda and Beijing, the Chinese have denied that there is in fact any connection. China's Foreign Ministry has stood firm that the government is opposed to hacking.

"Some U.S. Internet security firms ignore the U.S. threat to the Internet and constantly seize upon the so-called China Internet threat. The evidence they produce is fundamentally untrustworthy and unworthy of comment," spokesman Hong Lei told a daily news briefing in Beijing, as reported by Reuters this week.