U.S. Department of Justice announces charges against two Chinese hackers

The Department of Justice announced criminal charges against two computer hackers associated with the Chinese government. 

In an announcement made last Thursday, Deputy Attorney General Rod J. Rosenstein said the charges include a “conspiracy to commit computer intrusions against dozens of companies in the United States and around the world.” The two defendants allegedly committed cyber crimes in association with a Chinese intelligence service, Ministry of State Security.

“This case is significant because the defendants are accused of targeting and compromising Managed Service Providers, or MSPs. MSPs are firms that other companies trust to store, process, and protect commercial data, including intellectual property and other confidential business information,” Rosenstein said. “When hackers gain access to MSPs, they can steal sensitive business information that gives competitors an unfair advantage.”

The indictment also alleges the hackers worked for a cyber espionage group, also known as APT-10. APT stands for Advanced Persistent Threats, a name designated to cybercriminal groups that often use malware to gain unauthorized access to computers and networks, in order to steal data over an extended period of time. 

“These defendants allegedly compromised MSP clients in at least a dozen countries. The victims included companies in banking and finance, telecommunications and consumer electronics, medical equipment, packaging, manufacturing, consulting, healthcare, biotechnology, automotive, oil and gas exploration, and mining,” Rosenstein added. 

According to the Department of Justice, greater than 90 percent of the Department of Justice cases related to alleged economic espionage and two-thirds of cases involving the theft of trade secrets over the past several years involved China. 

Just this past September, security firm FireEye reported that APT10 was targeting the Japanese media sector via spear phishing cyber attacks used to plant backdoors on target systems. FireEye had been tracking APT10 activity going back to 2009.