Information Warfare: The Mighty 1st Technical Reconnaissance Bureau

Archives

April 17, 2011: Chinese Cyber War units have been plundering foreign government and military online data for over five years now. But thanks to Wikileaks, and several other sources, the identity and location of the main Chinese Cyber War operation is now known. The Chinese Chengdu Province First Technical Reconnaissance Bureau (1st TRB) is a Chinese Army electronic warfare unit located in central China (Chengdu), and is the most frequent source of hacking attacks traced back to their source. The servers used by the 1st TRB came online over five years ago, and are still used. The Chinese government flatly refuses to even discuss the growing pile of evidence regarding operations like the 1st TRB.

The 1st TRB is part of the Chinese Army's Third Department, which is responsible for all sorts of electronic eavesdropping. But given the praise showered on the 1st TRB, a lot of valuable data has apparently been brought to Chengdu, and then distributed to the appropriate industrial, diplomatic or military operations. The hacking operation has been so successful, that it has obtained more staff and technical resources. As a result, in the last five years, detected hacking attempts on U.S. government and corporate networks has increased by more than six times. Most of these hacks appear to be coming from China. Not all the hacking is done by 1st TRB personnel. A lot of it appears to be the work of Chinese freelancers, often working for pay, but sometimes just to "serve the motherland."