WASHINGTON, U.S. – Exposing one of the most sensational cases of American intellectual property theft in recent times, the U.S. Department of Justice charged two Chinese nationals who have been accused of operating an elaborate global hacking campaign.
The U.S. Deputy Attorney General Rod Rosenstein unsealed the three-count indictment against the two Chinese men on Thursday, accusing the duo of infiltrating the computer networks of government agencies, private companies and commercial establishments in the U.S. and at least 12 other countries.
The U.S. Justice Department has alleged that the two Chinese hackers, identified as Zhu Hua and Zhang Jianguo, worked under the orders of the Chinese government and carried out the elaborate cyber operation for several years.
13 years of preying
Explaining how the massive global hacking campaign was operated by the duo, U.S. prosecutors said that the operation had a single goal – to prey on governments and businesses in Western countries and steal intellectual property, confidential business secrets and key technological information from targets.
According to court documents filed by U.S. prosecutors, the shocking cyber campaign was carried out for a period of 13 years – between the years 2006 and 2018.
Prosecutors alleged that the two hackers, Hua and Jianguo, were part of the ‘Advanced Persistent Threat 10’ – which is a hacking group affiliated with China’s main intelligence service.
They said that the duo worked for a company called Huaying Haitai Science and Technology Development company and worked in association with the Chinese Ministry of State Security’s Tianjin State Security Bureau.
The Federal Bureau of Investigation (FBI) has revealed that the two individuals have extensively hacked into computer systems of multiple targets in multiple countries over the last 13 years.
The two Chinese hackers have targeted and stolen information from at least 45 commercial and defence technology companies in at least 12 U.S. states over the period of the prolonged operation.
The indictment claims that the defendants’ hacking network worked with the Chinese government and managed to gain access to at least 90 computers belonging to U.S. government agencies, commercial and defense technology companies.
The hackers’ targets were located in at least 12 states, from California to New York.
The FBI also revealed in its court filing that the two men, Hua and Jianguo, had hacked into the U.S. Navy computer systems.
FBI director Christopher Wray pointed out that the two men stole the “personally identifiable information” of more than 100,000 Navy personnel, including their social security numbers, dates of birth and salary information.
The duo also infiltrated the computer networks of oil and gas firms, NASA and the U.S. Attorney’s Office in the Southern District of New York.
While the indictment doesn’t name the companies targeted by the hackers, it states that U.S. companies in the aviation, communications technology, and oil and gas drilling industries were targeted.
Court documents also revealed that the duo launched attacks on, and stole confidential data from, managed service providers (MSPs) and their government and commercial clients in at least 12 countries.
These targets of the Chinese hackers were spread across the U.K., Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, and the U.A.E., as well as the U.S.
Stone Panda attacks
The hacking group Advanced Persistent Threat 10, which Hua and Jianguo were part of, also goes by the names ‘Stone Panda’ and ‘POTASSIUM,’ and allegedly included an extensive network of Chinese hackers.
Rosenstein said in a statement, “The indictment alleges that the defendants were part of a group that hacked computers in at least a dozen countries and gave China’s intelligence service access to sensitive business information.”
He added, “This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow the international rules in return for the privilege of participating in the global economic system.”
They reportedly stole “hundreds of gigabytes of sensitive data and information” in the campaign that started in 2006.
According to the indictment, the hackers used a technique known as “spear-phishing” and sent emails with attachments that would surreptitiously install malware if opened.
This is how they are believed to have gained access to usernames and passwords.
The U.S. Justice Department has charged the two men with conspiracy to commit computer intrusions, conspiracy to commit wire fraud and aggravated identity theft.
On Thursday, Geoffrey Berman, the U.S. Attorney in Manhattan said, “It is galling that American companies and government agencies spent years of research and countless dollars to develop their intellectual property, while the defendants simply stole it and got it for free. As a nation, we cannot, and will not, allow such brazen thievery to go unchecked.”
Global coordination against espionage
Along with the U.S., which lambasted China over the widespread economic espionage, three U.S. allies also condemned the country after charges against the two hackers were announced.
The FBI Director said at a news conference, “No country poses a broader, more severe long-term threat to our nation’s economy and cyber infrastructure than China. China’s goal, simply put, is to replace the U.S. as the world’s leading superpower, and they’re using illegal methods to get there.”
Meanwhile, the U.S., Australia and New Zealand slammed China over the global campaign of cyber-enabled commercial intellectual property theft.
Further, officials from U.S. President Donald Trump’s administration said that China’s hacking effort violated a 2015 agreement intended to crack down on cyber espionage for commercial purposes.
Further, a British security official said in a statement, “The campaign is one of the most serious, strategically significant, persistent and potentially damaging set of cyber intrusions against the U.K. and our allies that we have seen.”
Meanwhile, Australian officials expressed “serious concern” about Chinese commercial intellectual property theft in a statement on Thursday.
New Zealand government officials also released a statement saying the country “joins likeminded partners in expressing that such cyber campaigns are unacceptable.”
The U.S. Justice Department said that the two Chinese hackers have not been arrested and were at present “beyond US jurisdiction.”