CloudDatacentreNetworksSecurityWorkspace

US Arrests Chinese Man For Multiple Cyber-Attacks

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Follow on: Google +

The 36-year-old was arrested in Los Angeles on hacking charges linked to the high-profile hacks of the US Office of Personnel Management and insurer Anthem

US authorities have arrested a Chinese national on hacking charges related to security breaches at the United States Office of Personnel Management (OPM), the insurer Anthem and other high-profile cases.

Yu Pingan was arrested last week shortly after disembarking at Los Angeles International Airport, according to the US Department of Justice.

US-China friction

The move is one of the first such actions against a Chinese citizen since a September 2015 hacking accord between the US and China. Computer security firms have said that the number of Chinese state-sponsored attacks on US companies appear to have dropped significantly since that deal, but industry observers have argued this may only signal a shift towards methods that are more difficult to detect.

In October 2015 Chinese president Xi Jinping and then-British prime minister David Cameron jointly announced a comparable agreement during a state visit by Xi to the UK.

cyber attacks, cyber threatIn formal charges against Yu the Justice Department alleged he conspired with two other Chinese citizens to hack the systems of three unnamed US companies based in California, Massachusetts and Arizona.

Yu was charged with using hacking tools including Sakula, which has only been used in a few cases, including the OPM attack in 2014 and the Anthem breach in 2015. The OPM and Anthem weren’t specifically mentioned in the charges.

The Justice Department said the attacks in question were carried out between 2011 and 2014 and used false web domains and previously unknown software vulnerabilities to gain access to computer systems.

Data theft

In one of the attacks mentioned in the complaint the attackers used malicious code hosted at an address spelled similarly to that of Los Angeles company Capstone Turbine to target companies. The same technique was used in the attacks on Anthem and other health insurers.

The 2014 OPM breach, discovered the following year, involved the theft of extensive personal information on millions of government employees. The data included addresses, health and financial histories, fingerprints and other details on individuals who had been subject to background checks by the US government.

amazon, cyber securityYu had an initial hearing at a federal court in San Diego and a detention hearing is scheduled for 31 August.

A resident of Shanghai, Yu is an expert in programming and network security, according to the complaint. Yu’s lawyer said he is a computer science teacher.

The FBI said it tracked the attacks named in the complaint by tracing their IP addresses and hacking tools and by monitoring their online communications.

Do you know all about security in 2017? Try our quiz!