The @FBI published a wanted poster and an indictment of 4 “Chinese military-backed hackers” for their alleged roles in the 2017 #Cyberattack against credit company @Equifax.

Article by @JoshJPhilipp | (Thread👇) theepochtimes.com/hackers-indict…

The @FBI described the breach as “the largest known theft of personally identifiable information ever carried out by state-sponsored actors.”

Yet, despite the rare exposé of Chinese soldiers, little has been said about the #Hacker unit they were allegedly part of.

The case that most closely resembles this is the May 19, 2014, indictment of 5 Chinese #Military hackers for multiple alleged #Cybercrime acts committed between 2006 and 2014.

They were identified as being part of the #Chinese military, the People’s Liberation Army.

The “Unit 61398” and “54th Research Institute” named in these cases were previously known, but not widely known.

The #Hackers involved in the 2014 case—“Unit 61398”—more clearly fit the profile of their assigned #Military branch.

An investigative series from The Epoch Times in 2015 detailed the structure of these units and their operations. theepochtimes.com/murder-money-a…

Unit 61398 was under the Third Department of the General Staff Department—the former warfighting branch of the #Chinese #Military.

Under the Third Department were 22 known operational bureaus, and at least four known “research institutes” involved in their operations.

Beneath each unit were additional branches, each with a unique purpose, which in the case of the 2014 indictment were focused on the theft of #TradeSecrets from the United States to advance the #Economic #Warfare operations of the Chinese regime.

A July 27, 2015, report from the @Project2049 Institute, a think tank, stated that Unit 61398, also known as “The Second Bureau,” was one of the largest operational bureaus under the Third Department. project2049.net/wp-content/upl…

@Project2049 A first glance at the recent indictment of the Chinese #Hackers in the #Equifax case would suggest the soldiers were part of the same department.

Yet they weren’t, which suggests the #EquifaxBreach may have served a different purpose than #Economic gain.

The 54 Research Institute was under the Fourth Department of the General Staff Department, meaning that its operations were related to electronic #Warfare.

The General Staff Department had 3 main departments focused on operations of this nature:

— The Second Department was focused on more conventional spies
— The Third Department was focused on cyber intelligence
— The Fourth Department was focused on electronic warfare.

However, these units were more recently merged into a different parent branch of the #Chinese #Military, which removed them from the General Staff Department and placed them under the relatively new Strategic Support Force.

“This composition at a minimum would suggest the Strategic Support Force is charged with cyber, space, reconnaissance, and electronic warfare missions supporting joint integrated operations.” uscc.gov/sites/default/…

The Third and Fourth Departments—which are the parent departments of the respective #Hacker groups—are considered 3 of the 5 known Chinese #Military entities focused on #Espionage and #Intelligence gathering, according to a 2009 report from the @USCC_GOV. uscc.gov/sites/default/…

@USCC_GOV The 2009 report notes that the Third Department and the Fourth Department “may also have a complementary relationship.”

In other words, as The @EpochTimes has previously reported, the units may have been working together on their operations. theepochtimes.com/investigative-…

@USCC_GOV @EpochTimes When it comes to the specific roles of these departments in computer operations—such as the breaches the different units were charged for—the differences appear very fine, between “network exploitation” and “network attack.”

The 2009 report says the Third Department “bears primary responsibility within the PLA for computer network exploitation.”

The Fourth Department, on the other hand, “plays the leading role in computer network attack.”

The report describes network exploitation as “enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target or adversary automated information systems or networks.”

And it explains network attack as “actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.” theepochtimes.com/hackers-indict…

/END/