2nd China Army Unit Implicated in Online Spying

Just weeks after the Justice Department indicted five members of the Chinese army, accusing them of online attacks on United States corporations, a new report from CrowdStrike offers more evidence of the breadth and ambition of China’s campaign to steal trade and military secrets from foreign victims. The report ties attacks against dozens of public and private sector organizations back to a group of Shanghai-based hackers whom CrowdStrike called Putter Panda because they often targeted golf-playing conference attendees.

The National Security Agency and its partners have identified the hackers as Unit 61486, according to interviews with a half-dozen current and former American officials. Those officials say the NSA and its partners are currently tracking more than 20 hacking groups in China, over half of them units of the People’s Liberation Army, as they break into public and private sector companies ranging from satellite, drone and nuclear weapon component makers to technology and energy companies and research groups. Unit 61486, researchers say, in some instances shared computing resources and communicated with members of Unit 61398, the P.L.A. unit whose members were the focus of last month’s indictments.