The Department of Justice (DOJ) on Monday announced unsealed a grand jury indictment charging four nationals and residents of the People’s Republic of China with a campaign to hack into the computer systems of dozens of victim companies, universities, and government entities in the United States and abroad between 2011 and 2018.
According to a release from the DOJ, a San Diego federal grand jury returned the indictment of all four in May and it was unsealed on Friday.
The indictment says Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin were members of the Hainan State Security Department working covertly within a front company called Hainan Xiandun Technology Development Co., Ltd.
The goal of the operation, according to the Justice Department, was to steal information from companies that would help enterprises in China. The DOJ said the hackers were specifically looking for “information that would allow the circumvention of lengthy and resource-intensive research and development processes.”
The four defendants are charged with “conspiracy to damage protected computers and conspiracy to commit economic espionage.” The four defendants are identified as residents and nationals of China, and three of the defendants are alleged to have been active officers in the Hainan State Security Department, a provincial arm of China’s Ministry of State Security, during the group’s hacking efforts.
The defendants are alleged to have created front companies “to conduct the hacking for the benefit of China and its state-owned and sponsored instrumentalities.”
Ding Xaioyang, Cheng Qingmin, Zhu Yunmin, and Wu Shurong had one goal, according to court documents: install malware on protected computers and steal the data on the computers.
According to DOJ’s release, the two-count indictment alleges that Ding Xiaoyang (丁晓阳), Cheng Qingmin (程庆民) and Zhu Yunmin (朱允敏), were HSSD officers responsible for coordinating, facilitating and managing computer hackers and linguists at Hainan Xiandun and other MSS front companies to conduct hacking for the benefit of China and its state-owned and sponsored instrumentalities. The indictment alleges that Wu Shurong (吴淑荣) was a computer hacker who, as part of his job duties at Hainan Xiandun, created malware, hacked into computer systems operated by foreign governments, companies and universities, and supervised other Hainan Xiandun hackers.
The conspiracy’s hacking campaign targeted victims in the United States, Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland and the United Kingdom, DOJ said. Targeted industries included, among others, aviation, defense, education, government, health care, biopharmaceutical and maritime.
“These criminal charges once again highlight that China continues to use cyber-enabled attacks to steal what other countries make, in flagrant disregard of its bilateral and multilateral commitments,” said Deputy Attorney General Lisa O. Monaco. “The breadth and duration of China’s hacking campaigns, including these efforts targeting a dozen countries across sectors ranging from healthcare and biomedical research to aviation and defense, remind us that no country or industry is safe. Today’s international condemnation shows that the world wants fair rules, where countries invest in innovation, not theft.”
At the same time, the Cybersecurity and Infrastructure Security Agency and the FBI released a joint cybersecurity advisory related to this Chinese advanced persistent threat group (APT40). The advisory included details about the APT40’s tactics, techniques and procedures, and other information relevant to identifying and remediating the APT40 intrusions.
Concurrently, the White House also released a joint statement with allies and partners that “exposes” the People’s of Republic of China as engaging in a pattern of “malicious cyber activity and irresponsible state behavior.” The group of allies includes the European Union, the United Kingdom and NATO.
You can read the indictment below:
Xiaoyang Certified Indictme… by ABC News Politics
A global media for the latest news, entertainment, music fashion, and more.