BBC News, December 20, 2018
The US justice department has indicted two Chinese men accused of hacking into the computer networks of companies and government agencies in Western countries.
The pair are allegedly part of a “hacking group” known as Advanced Persistent Threat 10, affiliated with China’s main intelligence service.
They have not been arrested.
The US and UK have accused China of violating an agreement relating to commercial espionage.
Zhu Hua and Zhang Shilong worked for a company called Huaying Haitai and in association with the Chinese Ministry of State Security, the US court filing says.
The Federal Bureau of Investigation (FBI) said that from at least 2006 until 2018, the two extensively hacked into computer systems with the aim of stealing intellectual property and confidential business and technological information from:
- at least 45 commercial and defence technology companies in at least 12 US states
- managed service providers (MSPs) and their government and commercial clients in at least 12 countries, including the UK, Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, and the UAE, as well as the US
- US government agencies
The FBI said they had also hacked into US Navy computer systems and stolen the personal information of more than 100,000 personnel.
FBI director Christopher Wray said the two men were at present “beyond US jurisdiction”.
Announcing the unsealing of the indictments, US Deputy Attorney General Rod Rosenstein said China had violated a 2015 agreement under which it had pledged to not engage in commercial cyber-spying.
Mr Rosenstein said his department’s move had been co-ordinated with US allies in Europe and Asia to rebuff “China’s economic aggression”.
He added: “We want China to cease its illegal cyber activities.”
The UK government said it was joining allies in holding the Chinese government responsible for a global campaign targeting commercial secrets.
UK Foreign Secretary Jeremy Hunt said: “This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world.
“These activities must stop. They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.”
Australia and New Zealand said they too held China responsible for the global hacking campaign and joined their “like-minded partners” in condemning the activity.