Chinese Hackers Target European Union Diplomatic Communications

Chinese Hackers Target European Union Diplomatic Communications
A European Union flag is seen outside the EU Commission headquarters in Brussels, Belgium, on Nov. 14, 2018. Reuters/Francois Lenoir
Tom Ozimek
Updated:

The European Union is “actively investigating” a data breach after reports that hackers linked to the Chinese communist regime intercepted sensitive EU diplomatic communications.

An article published on Dec. 18 by The New York Times alleged that for the past three years cyber-espionage operators associated with the People’s Liberation Army managed to access and download thousands of EU diplomatic cables.
The bloc’s Council Secretariat said in a statement to reporters that it is “aware of allegations regarding a potential leak of sensitive information and is actively investigating the issue.”

Thousands of Messages Intercepted

Area 1 Security, a U.S. cybersecurity firm, told NY Times that a unit of China’s People’s Liberation Army, acting on government orders, broke into a secure communications network used by the EU to coordinate foreign policy.

Thousands of messages were reportedly intercepted in which diplomats referenced a range of subjects from global trade to concerns about the behavior of China, Russia, and Iran.

NY Times published some of the captured messages, known as diplomatic cables.

European officials said that communications marked as highly confidential—including those designated “tres secret”—were not affected by the hack. The breach also did not affect cables relating to decisions about the Iran nuclear deal.

European Commission Vice President Valdis Dombrovskis told reporters that the bloc took any report of hacking its systems “extremely seriously” but refused to comment on details of the leak.

“What is clear is that no institution or country is immune to these kinds of hacks—all communications systems have vulnerabilities,” he told reporters, as reported by Agence France-Presse.

“We’re constantly dealing with this challenge, upgrading our communication systems to respond to the threats.”

‘No Doubt’ Chinese Military Involved

One expert, who was not named in the report, told NY Times that the methods used by the hackers resembled those known to have been used by the Chinese military.

“After over a decade of experience countering Chinese cyber-operations ... there is no doubt this campaign is connected to the Chinese government,” the individual said.

A number of other institutions, including the United Nations, were also reportedly affected by the breach and have since been alerted, but according to the report, the hackers managed to access only low-level classified documents.

Understanding Chinese Spy Operations

In 2014, five Chinese military hackers were indicted for offenses that included computer hacking and economic espionage, targeting Americans in industries such as nuclear and solar power. It was the first time criminal charges were brought against Chinese military hackers for cyberattacks.

The individuals were part of People’s Liberation Army Unit 61398, one of 22 known operations bureaus under the Third Department of the General Staff Department—the war-fighting branch of the Chinese military.

Each of these bureaus is involved in different forms of cyber operations, many of which target the United States and other countries, according to an October investigative report.
Chinese soldiers work at computers. The Chinese regime's cyberattacks against the United States have continued despite cyber agreements. (mil.huanqiu.com)
Chinese soldiers work at computers. The Chinese regime's cyberattacks against the United States have continued despite cyber agreements. mil.huanqiu.com

The Human Factor

There is often a human actor working in at least some element of a cyber breach, such as using a USB drive to download something. The hackers and spies of the Chinese military work together.

Through interviews with former Chinese agents, The Epoch Times learned how one of the regime’s espionage tactics uses insiders—people working for a target organization—to steal information. If the insider stole data, hackers with the Chinese military would launch cyberattacks against the same network at the same time. When the company later conducted a cyber-forensic investigation to try to analyze the breach, they would surmise that a cyberattack was the cause of theft.

Bowen Xiao and Joshua Philipp contributed to this report.
Tom Ozimek
Tom Ozimek
Reporter
Tom Ozimek is a senior reporter for The Epoch Times. He has a broad background in journalism, deposit insurance, marketing and communications, and adult education.
twitter
Related Topics