US prosecutors allege widespread China-based hacking plot

The US Department of Justice announced charges against five Chinese citizens on Wednesday in what prosecutors called a wide-ranging computer hacking conspiracy that targeted more than 100 companies globally.

The charges were the latest in an ongoing effort by US authorities to put pressure on the Chinese government to halt its alleged theft of intellectual property and crack down on cyber criminals operating in China.

Justice department officials criticised Beijing directly, claiming it was allowing cyber criminals to operate freely as long as they also helped state authorities.

Tensions between the US and China have escalated under the Trump administration, with both Republicans and Democrats increasingly viewing the Chinese government as a threat.

“The Department of Justice has used every tool available to disrupt the illegal computer intrusions and cyber attacks by these Chinese citizens,” said Jeffrey Rosen, deputy attorney-general.

“Regrettably, the Chinese Communist party has chosen a different path of making China safe for cyber criminals so long as they attack computers outside China and steal intellectual property helpful to China,” he added.

US prosecutors have mounted an aggressive campaign in recent years against alleged computer hacking and espionage by the Chinese government and Chinese nationals. The charges announced on Wednesday add to a steady drumbeat of cases brought by the justice department under its “China initiative”.

Five accused hackers based in China, whose activities are known by security researchers under the label “APT41”, were charged in August 2019 and August 2020, the justice department said on Wednesday.

The alleged conduct in both cases ran from 2014 until last month. Prosecutors said one tactic they used involved compromising software providers to allow them easier access to those providers’ corporate and other customers.

John Hultquist, director of intelligence analysis at FireEye, a cyber security company, called APT41 “a unique actor, who carries out global cyber espionage while simultaneously pursuing a criminal venture”.

“APT41 has been involved in several high-profile supply chain incidents which often blended their criminal interest in video games with the espionage operations they were carrying out on behalf of the state,” he added.

The 2019 case alleged a pattern of hacking involving the theft and sale of digital assets in online video games. Two additional Malaysian businessmen were charged last month with conspiring with the two China-based defendants in that alleged scheme.

The Malaysians were arrested by Malaysian authorities on Sunday evening, while the China-based individuals remained at large, the justice department said.

“Ideally, I would be thanking Chinese law enforcement authorities for their co-operation in this matter and the five Chinese hackers would now be in custody awaiting trial,” Mr Rosen said.

The August 2020 indictment concerned an alleged hacking campaign aimed at non-commercial targets including pro-democracy activists in Hong Kong, university students in Taiwan and government networks in India, Vietnam and the UK.

The justice department said the attacks in India and Vietnam were successful, but officials declined to provide further details.

US officials said the Chinese government had “tacitly approved” the alleged conduct, but stopped short of claiming the defendants were state-sponsored.

However, the August 2020 indictment alleged the three defendants worked for a company with links to the Chinese military, Chengdu 404, and that one of the claimed hackers had boasted of his connections to Chinese intelligence.

Michael Sherwin, the acting US attorney for the District of Columbia, said the non-commercial targets and other evidence were “breadcrumbs” suggesting the defendants were “proxies for the Chinese government”.

The Chinese government has previously denied US claims that it steals foreign intellectual property, or turns a blind eye to and works with cyber criminals. The Chinese embassy in Washington did not immediately respond to a request for comment.

The justice department on Wednesday also praised US companies such as Microsoft, Google, Facebook and Verizon for assisting with its investigation. Microsoft in particular was singled out for playing a “significant part” in the effort to halt the alleged hacking.

The indictments unveiled Wednesday “are further evidence that American and global companies continue to be besieged by Chinese and other malicious foreign government hackers,” said Sumon Dantiki, a former cyber crime prosecutor, now a partner at King & Spalding.
