US Files Charges Against Two ‘Chinese Government Hackers’


Two Chinese men belonging to the Advanced Persistent Threat 10 hacking group are charged by US authorities

Two men belonging to a hacking group affiliated with China’s main intelligence service have been charged by US authorities.

Zhu Hua (Godkiller) and Zhang Shilong (Atreexp) allegedly worked for a company called Huaying Haitai Science and Technology Development Company and “acted in association with Chinese Ministry of State Security”, the US court filing reveals.

They were members of a hacking group operating in China known within the cyber security community as Advanced Persistent Threat 10 (APT10), the court document reads.

US charges

APT10 was named by the National Cyber Security Centre (NCSC), PwC and BAE Systems in 2017 as being responsible for breaching a variety of UK firms in a systemic global hacking operation.

And this year the British Ministry of Defence (MoD) admitted that sensitive data had been compromised on multiple occasions by outside forces.

APT10 was identified as hacking IT suppliers in order to obtain military and intelligence information.

And now the two Chinese men are accused of conducting extensive campaigns of global intrusions into computer systems between 2006 and 2018.

They are said to have hacked into 45 commercial and defence technology companies in at least 12 US states, hit a number of countries including the UK, and hacked into US Navy computer systems, stealing the personal information of more than 100,000 personnel.

FBI director Christopher Wray is quoted by the BBC as saying that the two men were at present “beyond US jurisdiction”.

“This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world,” UK Foreign Secretary Jeremy Hunt is also quoted as saying.

“These activities must stop,” said Hunt. “They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.”

Cyber defences

The near-constant stream of cyber attacks carried out by nation states has seen Britain undertake a massive expansion of its own cyber-offensive capability.

The exact nature of the UK’s offensive cyber weaponry is a closely guarded secret, but in a submission to a report last December by parliament’s intelligence and security committee, GCHQ said the capabilities of its cyber unit extended to “the high end of counter state offensive cyber capabilities”.

“We actually over-achieved and delivered (almost double the number of) capabilities (we were aiming for),” GCHQ said in the report.
