WATCH: US charges 'Godkiller', one other hacker with alleged Chinese intelligence ties

2018-12-21 15:30
FBI Director Chris Wray (Drew Angerer/Getty Images/AFP)

FBI Director Chris Wray (Drew Angerer/Getty Images/AFP)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Washington – US officials on Thursday said two alleged Chinese hackers carried out an extensive campaign on behalf of Beijing's main intelligence agency to steal trade secrets and other information from government agencies and "a who's who" of major corporations in the United States and nearly a dozen other nations.

The indictment is the latest in a series of Justice Department criminal cases targeting Chinese cyberespionage and coincided with an announcement by Britain blaming China's Ministry of State Security for trade-secret pilfering affecting Western nations.

The alleged hackers, one of whom is nicknamed "Godkiller", are accused of breaching computer networks beginning as early as 2006 in a range of industries, including aviation and space, finance, biotechnology, oil and gas, satellites, and pharmaceuticals.

Prosecutors say they also obtained the names, social security numbers and other personal information of more than 100 000 Navy personnel.

In a new twist reflecting corporate computing's evolution, the hackers often infiltrated cloud computing companies and other major technology providers to indirectly reach clients' valuable documents.

Prosecutors said the alleged hackers stole "hundreds of gigabytes" of data, breaching computers of more than 45 entities in 12 states, including NASA's Jet Propulsion Lab and Goddard Space Centre. The hackers, identified as members of the group APT10, or "Stone Panda", are not in custody. Prosecutors said their names are Zhu Hua and Zhang Shillong.

'State sponsored actors'

US law enforcement officials say the case is part of a trend of state-sponsored hackers breaking into American networks and stealing trade secrets and other confidential information. More than 90% of Justice Department economic espionage cases over the past seven years involve China, said Deputy Attorney General Rod Rosenstein, and more than two-thirds of trade secrets cases are connected to the country.

"China's state-sponsored actors are the most active perpetrators of economic espionage," FBI Director Chris Wray said in announcing the case. "While we welcome fair competition, we cannot and will not tolerate illegal hacking, stealing or cheating.

"China's goal, simply put, is to replace the US as the world's leading superpower, and they're using illegal methods to get there," Wray said. While none of the "victim companies" was named, Wray called them a "who's who of the global economy".

China responded on Friday by accusing the US of "fabricating facts".

Chinese foreign ministry spokesperson Hua Chunying said in a statement that the indictment severely violates the basic norms of international relations and damages US-China cooperation. Hua called the charges "completely vile" and said the US has long engaged in "cybertheft".

Secretary of State Mike Pompeo and Homeland Security Secretary Kirstjen Nielsen released a joint statement accusing China of reneging on a 2015 commitment not to seek competitive advantage through theft of trade secrets, intellectual property and confidential business information.

US officials testified before Congress last week that Beijing's continued hacking has made a mockery of that 2015 commitment by President Xi Jinping following a first-of-its-kind indictment that accused Chinese hackers of stealing corporate data from brand-name US companies.

'China has taken off the gloves again'

"We want China to cease illegal cyber activities and honour its commitment to the international community, but the evidence suggests that China may not intend to live up to its promises," Rosenstein said.

Rob Silvers, a former Obama administration cybersecurity official, said cases like this create an important deterrent but should be supplemented by sanctions and other steps.

"It's necessary to do this kind of thing, but it's not nearly enough," he said. "I don't think Rod Rosenstein would tell you that it's game, set, match."

After a 2014 indictment against five alleged Chinese hackers, and a subsequent agreement with the US, Beijing at least temporarily reduced its hacking activity, Silvers said.

This case shows that "China has taken the gloves off again," he said.

Adam Segal, a cybersecurity expert at the Council on Foreign Relations, agreed that Beijing is unlikely to be swayed by sanctions alone.

The indictment filed in federal court in Manhattan describes how in recent years, as government agencies and corporations have shifted data to cloud computing providers and services including email and collaboration tools to tech service providers, the Stone Panda hackers followed, typically stealing the log-in credentials of system administrators in order to reach coveted proprietary data of clients.

Wray likened it to "breaking into and getting the keys from the maintenance department".

'Widespread' cyberespionage campaign

Britain's Foreign Office accused the Chinese elite hackers of conducting a "widespread and significant" campaign of cyberespionage against the United Kingdom and its allies and "almost certainly continues to target a range of global companies, seeking to gain access to commercial secrets".

Targeted nations named in the US indictment include Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland and the United Arab Emirates.

In recent months, the Justice Department has filed separate cases against several Chinese intelligence officials and hackers. A case filed in October marked the first time that a Chinese Ministry of State Security officer was extradited to the United States to stand trial.

Chinese espionage efforts have become "the most severe counterintelligence threat facing our country today," Bill Priestap, the assistant director of the FBI's counterintelligence division, told a Senate committee.

Hacking by Chinese state-backed hackers dramatically escalated over the summer in response to the trade war with the US and military tensions in the South China Sea, said Tom Kellermann, chief cybersecurity officer of Carbon Black, whose company's threat-hunting tool is used in global cyber investigations.

He credited the Justice Department with targeting a group that he said was China's "most prolific hacker crew". He said he was not optimistic that the pair would be prosecuted in the US, but that's not the point.

"The Chinese are operating on a 50-year plan of information dominance, a comprehensive national strategy, and it's high time we actually reacted," Kellermann said.

Read more on:    us  |  china  |  cybercrime  |  hacking  |  espionage
NEXT ON NEWS24X

Join the conversation!

24.com encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.

Inside News24

 
/News
Traffic Alerts
Traffic
There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.




Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.