By Robert Foster
Contributor, In Military
The Chinese government strongly opposes the deployment of the new THAAD system that is currently operational in South Korea. Beijing is worried the radar systems will be used as a source for espionage.
The security firm FireEye recently led an investigation, which revealed attempts by Chinese hackers to break into the THAAD system with the intention of interfering with deployment of the anti-ballistic weapons system.
In fact, John Hultquist, FireEye’s director of cyber espionage analysis, reported to the Wall Street Journal that the number of cyberattacks by Chinese hackers against South Korea has been significantly on the rise. Most of these attacks have been targeting organizations linked to the THAAD operations. These attacks have included techniques such as implanting emails that contain attachments full of malware and manipulating code to deliver malware to government, military and defense sites. One attack led to the denial of service to the South Korean Ministry of Foreign Affairs website.
Two prominent hacking groups have been identified by FireEye to have led these attacks. Hultquist told the Journal: “One of the two hacker groups, which FireEye dubbed Tonto Team, is tied to China’s military and based out of the northeastern Chinese city of Shenyang, where North Korean hackers are also known to be active. FireEye believes the other, known as APT10, may be linked to other Chinese military or intelligence units.”
Statements made by China’s Ministry of Defense claim that the PLA never has supported any hacking activity.