clock menu more-arrow no yes

US charges Chinese government-linked hackers accused of a decade-long global cyber campaign

Federal prosecutors say two cyber attackers stole government and business secrets from the US and about a dozen other countries.

Deputy AG Rod Rosenstein Announces Law Enforcement Action Related To China
FBI Director Christopher Wray discusses charges against Chinese hackers on December 20, 2018.
Photo by Alex Wong/Getty Images

The US Department of Justice has charged two Chinese hackers accused of a vast and global cyber campaign to steal business and technology secrets.

In an indictment unsealed Thursday, the Justice Department charged Zhu Hua and Zhang Shilong — two Chinese nationals associated with the Chinese government — with conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft.

The hackers waged their cyber campaign for more than a decade, starting in 2006, according to prosecutors, and stole secrets from businesses and governments around the globe, including more than 45 technology companies and US government agencies, such as the NASA Jet Propulsion Lab. Prosecutors also allege that the hackers stole “confidential data” from the US Navy, including information on more than 100,000 personnel.

Prosecutors say that Zhu and Zhang were affiliated with a hacking group known as “Advanced Persistent Threat 10” — also known as APT 10. Though they worked for a company in China, authorities say they “acted in association with the Chinese Ministry of State Security’s Tianjin State Security Bureau.”

“China’s goal, simply put, is to replace the U.S. as the world’s leading superpower — and they’re using illegal methods to get there,” FBI Director Christopher Wray said Thursday at a press conference announcing the charges.

It’s unlikely the two hackers will ever see the inside of a US courtroom, but the indictment spotlights China’s aggressive campaign to steal trade and technology secrets around the world.

According to prosecutors, the Chinese hackers carried out a global campaign, targeting institutions in at least 12 countries, including Brazil, Japan, India, and the United Kingdom. The US announced these charges Thursday in concert with statements from other allies, a multilateral push that experts say may increase some of the pressure on China for its actions.

“This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world,” UK Foreign Secretary Jeremy Hunt said in a statement.

The hackers obtained access to systems for businesses and government agencies through spear-phishing attacks. They would send emails that mimicked legitimate email addresses, getting users to click on them or open attachments that would install malware on the systems. Once the hackers infiltrated the systems, they “collected relevant files and other information from the compromised computers,” including confidential intellectual property and business data, prosecutors say.

“This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow the international rules in return for the privilege of participating in the global economic system,” Deputy Attorney General Rod Rosenstein said in a statement.

The indictment also comes as the US and China are engaged in a trade war. The two sides reached a temporary truce in November, with President Donald Trump agreeing to hold off raising tariffs on nearly $200 billion in goods. Negotiations are scheduled to resume in January, and while tariffs will definitely be on the agenda, technology and intellectual property theft will be among the hardest issues to sort out. This indictment and others like it may play into those discussions, and potentially complicate the process of any trade deal.

Read the indictment here.

Sign up for the newsletter Sign up for The Weeds

Get our essential policy newsletter delivered Fridays.