US charges 5 Chinese nationals, 2 Malaysians in hacking of more than 100 targets

Jacob Fromer in Washington, South China Morning Post

Posted at Sep 17 2020 12:27 PM

The US Department of Justice announced charges against five Chinese and two Malaysian nationals on Wednesday in the hacking of more than a hundred targets in the US and elsewhere, including telecommunications companies, universities, think tanks, and pro-democracy activists and politicians in Hong Kong.

The Malaysian nationals were arrested by Malaysian authorities on Monday. The Justice Department says the Chinese nationals are now at large in China.

“The department of Justice has used every tool available to disrupt the illegal computer intrusions and cyberattacks by these Chinese citizens,” Deputy Attorney General Jeffrey A. Rosen said in a statement.

“Regrettably, the Chinese Communist Party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China.”

The Justice Department said that one of the Chinese nationals had boasted he was protected by China’s Ministry of State Security.

“Some of these criminal actors believed their association with the [People’s Republic of China] provided them free licence to hack and steal across the globe,” Acting US Attorney Michael Sherwin said in a statement.

The Chinese embassy in Washington did not immediately respond to a request for comment.

In total, the five Chinese nationals – Zhang Haoran, 35; Tan Dailin, 35; Jiang Lizhi, 35; Qian Chuan, 39; and Fu Qiang, 37 – were accused of various offences, from identity theft to money laundering to various computer violations.

Watch more in iWant or TFC.tv

The Justice Department said the accused Chinese hackers were part of an operation known as APT41.

In a report last year, the cybersecurity firm FireEye said APT41 targeted call record information at telecommunications companies, and once hacked a hotel’s reservation system before Chinese officials stayed there, “suggesting the group was tasked to reconnoitre the facility for security reasons”.

“Like other Chinese espionage operators, APT41 espionage targeting has generally aligned with China’s Five-Year economic development plans,” the report said.

The Justice Department says Jiang, Qian and Fu operated through a company called Chengdu 404 Network Technology and hacked government computer networks in India and Vietnam.

Zhang and Tan meanwhile are accused of hacking video game companies, stealing virtual resources used in games and selling them for profit.

The department says seven companies, including Facebook, Google, Microsoft and the telecommunications company Verizon, had helped “identify and neutralise” some of the accused hackers’ servers, malware, and other tools.

The Malaysian nationals – Wong Ong Hua, 46, and Ling Yang Ching, 32, both described as businessmen – are accused of conspiring with the accused Chinese hackers.

The charges come as US-China relations continue to unravel over the coronavirus pandemic, trade war and human rights, with distrust between the two governments now higher than it has been in decades.

The Justice Department has been particularly active this year in prosecutions related to alleged Chinese espionage and hacking.

In July, a federal grand jury in Washington state indicted two Chinese nationals on charges of hacking. They are accused of targeting dissidents and human rights activists in the US, Hong Kong and mainland China, and firms conducting Covid-19 research.

Watch more in iWant or TFC.tv

On Monday, the US Department of Homeland Security issued a separate warning that hackers associated with the Chinese Ministry of State Security were using “commercially available information sources and open-source exploitation tools” to target US government computers.

In response to Wednesday’s announcement, a US financial services trade association expressed alarm at the charges and urged the Securities and Exchange Commission to protect American retail investors’ data from Chinese hacking.

“Today’s charges by the [Department of Justice] should serve as a wake-up call that the Chinese Communist Party (CCP) is actively engaged in cyberattacks against the United States, our companies, and our government institutions,” said Chris Iacovella, CEO of the American Securities Association.