INSUBCONTINENT EXCLUSIVE:
The Justice Department has unsealed a damning indictment that links to spies working for the Chinese government an aggressive campaign to
tech and industry giants.
The indictment, out Thursday, accuses China main intelligence agency — the Ministry of State Security — of
hacking into dozens of tech companies and government departments, largely in an effort to steal intellectual property
Prosecutors said the hackers were part of a Beijing-backed group, dubbed APT10, which various security companies had previously linked to
China.
Zhu Hua and Zhang Shilong, both nationals and residents of China, were charged with three counts each of computer hacking, conspiracy
to commit wire fraud and aggravated identity theft.
None of the companies were named, but noted that the hackers targeted and &stole
hundreds of gigabytes of sensitive data& in aviation, space and satellite technology, manufacturing, pharmaceutical and oil and gas
exploration, as well as from communications and computer processor firms and maritime technology companies.
Only the NASA Goddard Space
Center and the space agency Jet Propulsion Lab were named in the filing.
The indictment also said the hackers stole personally identifiable
information — including names, dates of birth, email addresses, salary information and Social Security numbers — on more than 100,000
Navy personnel.
The hackers used spearphishing — or highly targeted phishing campaigns — to install malware using malicious Microsoft
Word documents and steal data from targeted computers, the indictment reads
Others used keyloggers to steal usernames and passwords to break into employees& accounts.
&We want China to cease illegal cyber activities
and honor its commitment to the international community, but the evidence suggests that China may not intend to live up to its promises.&
deputy attorney general Rod Rosenstein, in remarks at the Justice Department in Washington, DC.
The latest indictments come as tensions
and China have increased following the arrest of Huawei chief financial officer Meng Wanzhou in Canada, after being accused of fraud by the
She faces up to 30 years in prison if found guilty.
Prosecutors said that China was conducting its &extensive& hacking campaign over the
With this indictment,the Trump administration has effectively scrubbed an Obama-era bilateral agreement, signed by President Obama and China
premier Xi Jinping in 2015, under which the two countries agreed not to launch hostile cyberattacks and espionage.
Dmitri Alperovitch, chief
technology officer at CrowdStrike, which has tracked APT10 in recent years, called the Justice Department move &unprecedented and
encouraging& to take action against China.
&Today announcement of indictments against Ministry of State Security (MSS), whom we deem now to
be the most active Chinese cyber threat actor, is another step in a campaign that has been waged to indicate to China that its blatant theft
of IP is unacceptable and will not be tolerated,& he said
&While this action alone will not likely solve the issue and companies in US, Canada, Europe, Australia and Japan will continue to be
targeted by MSS for industrial espionage, it is an important element in raising the cost and isolating them internationally.&
The U.K
government also said in a statement that it is &holding responsible elements of the Chinese government for an extensive cyber
campaign.&
&The National Cyber Security Centre assesses with the highest level of probability that the group widely known as APT10 is
responsible for this sustained cyber campaign focused on large-scale service providers,& said a statement from the U.K
&The group almost certainly continues to target a range of global companies, seeking to gain access to commercial secrets.&
U.K
Foreign Secretary Jeremy Hunt called the hacking campaign &one of the most significant and widespread cyber intrusions against the UK and
allies uncovered to date.&
Several other allied nations, including Japan and Australia, are expected to release statements to support the
indictment.
Prosecutors conceded that prosecutions are unlikely, given that the named hackers are Chinese residents and extraditions are
Thursday indictment represents the department latest in &name and shame& charges, designed to instead restrict the international travels of
those named in the filing but also send a warning to others.
&We hope the day will come when the defendants face justice under the rule of
law in a federal courtroom,& said Rosenstein.
China has long rebuffed complaints from other nations accusing it of cyberattacks and
espionage, but didn&t immediately comment on Thursday indictment.
Justice Department indicts two Iranians over SamSam ransomware attacks
