U.S. Accuses Chinese Nationals of Decade-Long Hacking Campaign

The U.S. accused two Chinese nationals of coordinating with state security officials on a decade-long campaign against dozens of companies in the U.S. and abroad to steal intellectual property and other data, adding tensions to a relationship already fraught over trade.

In an indictment unsealed in federal court in Manhattan on Thursday, Zhu Hua and Zhang Shilong were accused of conducting an “extensive” hacking campaign, allegedly infiltrating 45 U.S. companies and government agencies, as well as other firms in more than a dozen countries.

The hackers, known in the cybersecurity community as Advanced Persistent Threat 10, stole information from companies in an array of industries, including banking and finance, telecommunications, biotechnology, automotive, health care and mining, according to the indictment.

The group hacked the U.S. Navy, making off with the personal data of more than 100,000 personnel, and successfully infiltrated computers linked to NASA’s Jet Propulsion Laboratory, the indictment said.

“This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow international rules,” Deputy Attorney General Rod Rosenstein said in a statement.

The crackdown on Chinese cyber-espionage comes as the Trump administration faces off with Beijing on trade. Since July, the two countries have imposed tariffs on a combined $360 billion in each other’s imports, a bruising conflict that economists say could undermine the global upswing at a time when growth is leveling off.

The defendants worked for Huaying Haitai Science and Technology Development Co. in Tianjin, China, and acted in coordination with the Chinese Ministry of State Security’s Tianjin State Security Bureau, according to the indictment. Their group was also known as “Red Apollo,” “CVNX,” “Stone Panda” and other names, according to the indictment.

The group used a technique known as spear phishing, in which emails that appear to come from legitimate addresses are sent to targets with attached documents and files that secretly install malware if opened, according to the U.S. That gives hackers access to the target’s computer and allows them to steal user names and passwords, files and other information.

Zhu, Zhang and other hackers gained access to at least 90 computers belonging to commercial and defense technology companies and federal government agencies, in at least a dozen states — including NASA’s Goddard Space Flight Center in Greenbelt, Maryland and Jet Propulsion Laboratory in Pasadena, California, the U.S. said.

“It is galling that American companies and government agencies spent years of research and countless dollars to develop their intellectual property, while the defendants simply stole it and got it for free,” said U.S. Attorney Geoffrey Berman in Manhattan. “We cannot, and will not, allow such brazen thievery to go unchecked.”

Prosecutors said in court filings that while the group used similar tools and methods in all its campaigns, the hackers increasingly strengthened their ability to breach network defenses as part of a “continuous and unrelenting effort” to steal technology and other information.

Starting in 2014, members of the group attempted to access computers and networks of managed service providers, which remotely manage information technology for businesses and governments worldwide, in order to break into their clients’ systems and steal “intellectual property and confidential business data on a global scale.”

That campaign included the hack of one managed service provider with offices in New York that compromised the data of the provider and clients located in a dozen countries involved in industries including banking and finance, consumer electronics and oil and gas exploration, prosecutors said.

Fed Chairman Jerome Powell said this week the tit-for-tat tariffs are one of the factors the central bank is monitoring amid signs of slowing global growth. President Donald Trump and President Xi Jinping agreed on Dec. 1 to refrain from imposing new tariffs, giving their officials 90 days to work out a deal on thorny issues like U.S. allegations that China steals intellectual property.

But the prospect of a deal has been clouded by the arrest in Canada of Huawei executive Meng Wanzhou, whom the U.S. accuses of helping the telecom company evade sanctions against Iran.