US Files Charges Against Two ‘Chinese Government Hackers’

Two men belonging to a hacking group affiliated with China’s main intelligence service, have been charged by US authorities.

Zhu Hua (Godkiller) and Zhang Shilong (Atreexp) allegedly worked for a company called Huaying Haitai Science and Technology Development Company and “acted in association with Chinese Ministry of State Security, the US court filing reveals.

They were members of a hacking group operating in China known within the cyber security community as Advanced Persistent Threat 10 (APT10), the court document reads.

US charges

APT10 was named by National Cyber Security Centre (NCSC), PwC and BAE Systems in 2017 as being responsible for breaching a variety of UK firms in a systemic global hacking operation.

And this year the British of Ministry of Defence (MoD) admitted that sensitive data had been compromised on multiple occasions by outside forces.

APT10 was identified as hacking IT suppliers in order to obtain military and intelligence information.

And now the two Chinese men are accused of conducting extensive campaigns of global intrusions into computer systems between 2006 and 2018.

They are said to have hacked into 45 commercial and defence technology companies in at least 12 US states, hit a number of countries including the UK, and hacked into US Navy computer systems and stole personal information of more than 100,000 personnel.

FBI director Christopher Wray is quoted by the BBC as saying that the two men were at present “beyond US jurisdiction”.

“This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world,” UK Foreign Secretary Jeremy Hunt is also quoted as saying.

“These activities must stop,” said Hunt. “They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.”

Cyber defences

The near constant number of cyber attacks carried out by nation states has seen the British undertake a massive expansion of its own cyber-offensive capability.

The exact nature of the UK’s offensive cyber weaponry is a closely guarded secret, but in a submission to a report last December by parliament’s intelligence and security committee, GCHQ said the capabilities of its cyber unit extended to “the high end of counter state offensive cyber capabilities”.

“We actually over-achieved and delivered (almost double the number of) capabilities (we were aiming for),” GCHQ said in the report.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

AT&T Admits Data Breach Impacted “Nearly All” Customers

American telecommunications giant AT&T admits that “nearly all” customer accounts were compromised in 2022 breach

9 hours ago

Elon Musk’s X Breached DSA Rules, EU Finds

X's Blue checks 'used to mean trustworthy sources of information. Now our preliminary view is…

13 hours ago

Japan’s SoftBank Acquires AI Chip Start-up Graphcore

SoftBank Group has purchased another British chip firm, with the acquisition of Bristol-based Graphcore Ltd…

14 hours ago

Samsung AI-Upgraded Bixby Voice Assistant Coming This Year

Samsung reportedly confirms it will launch the upgraded voice assistant Bixby this year, that will…

1 day ago

Next Neuralink Brain Implant Coming Soon, Says Musk

Despite an issue with first Neuralink implant in a patient, Elon Musk says second brain…

1 day ago

EU Accepts Apple’s Legal Commitments To Open NFC Access

Legal commitment over Apple's NFC-based mobile payments system, which is to be opened to rival…

1 day ago