A group of hackers supposedly affiliated with the Chinese military has spent years infiltrating the American aerospace industry and US trading partners in the space industry, a US cybersecurity company CrowdStrike said Monday. Officials from CrowdStrike accused the Shanghai-based unit 61486 of the People’s Liberation Army 12th bureau of attacking American and other western networks in cyber-assaults that date back at least as far as to 2007, according to reports.
The space, aerospace and communications sectors were targeted via “popular productivity applications such as Adobe Reader and Microsoft Office to deploy custom malware through targeted email attacks,” CrowdStrike said, according to a Reuters report. The group in question is unofficially known as Putter Panda. A full list of accusations, including phishing emails and Trojan horse documents were outlined in a 62-page report published Monday by CrowdStrike, which conducts forensic investigations for customers who have endured invasive security breaches. When a target downloads or clicks on a certain document, for instance, they could find their entire computer taken over. The hackers then use that power to steal housing blueprints, consumer lists, servers, and other sensitive data, Ars Technica reported. “Putter Panda is a determined adversary group, conducting intelligence-gqathering operations targeting the Government, Defense, Research, and Technology sectors in the United States, with specific targeting of the US Defense and European satellite and aerospace industries,” the researchers wrote. “The PLA’s GSD Third Department is generally acknowledged to be China’s premier Signals Intelligence (SIGINT) collection and analysis agency, and the 12th Bureau Unit 61486, headquartered in Shanghai, supports China’s space surveillance network.” CrowdStrike’s report, which the company said it is publishing to show how deeply the problem is entrenched, comes less than three weeks after the US Justice Department, in a surprise move, unsealed indictments against five members of a People’s Liberation Army hacker unit that allegedly stole trade secrets from the US.