Network attack training unit part of Chinese cyber warfare capability
BY: Bill Gertz
March 20, 2014
China’s main internal security and police university is training hackers for cyber attacks, according to new information obtained by the U.S. government.
The People’s Public Security University in Beijing, a part of the Ministry of Public Security that trains all of China’s police and internal security troops, has several units engaged in training and operations for cyber attacks.
One section of the school was identified last month as a key training center for police network attack operations: The Network Attack and Defense Laboratory. The lab uses Chinese software that was identified last year by officials as designed for training cyber warfare operators and spies.
Disclosure of the police training unit for Chinese hackers follows several U.S. reports made public last year that identified China’s primary military hacking force as Unit 61398, located near Shanghai.
Another Chinese school, Wuhan University, also has been linked by U.S. intelligence agencies to cyber attacks against the West.
Chinese cyber attacks against the United States have been carried out on a large scale since the early 2000s. The attacks have been detected against both government and private sector networks and have involved the loss of defense and commercial secrets as well as the potential for future sabotage in a crisis or conflict.
The People’s Public Security University’s Network Security Defense College was identified recently as a major training center for police who conduct computer attacks and spying operations.
Within the college, an “Experiment Center” was created with 15 laboratories, one of which is the “Network Attack and Defense Laboratory,” the unit that trains cyber warfare technicians.
That lab uses a training tool developed by the Beijing Simpleware Technology company that includes special computers and software, including three types of software. They include the “Information Security Experiment Education System” (SimpleISES), “Network Attack and Defense Exercise Platform” (SimpleSCR), and “Network Attack and Defense Experiment Education System” (SimpleNAD).
Photos of the network attack laboratory were posted on the software manufacturer’s website last year.
In China, the Internet is tightly controlled and the internal security police is known to arrest and imprison people who criticize the ruling Communist Party, its leaders, policies, and activities.
Shortly after current leader Xi Jinping took power in 2012, China’s government invoked a new decree tightening censorship over the Internet. The rules required Chinese citizens to use their real names online and also called on network providers to remove and document “illegal” information and report the acts to authorities.
The police university is also training hackers at a Network Penetration Test Laboratory that conducts programs on both attacking and defending networks. The lab also conducts penetration testing, a key tool used to train hackers to break into foreign networks and to defend against foreign network intrusions.