4 Chinese Nationals Indicted for Computer Hacking to Obtain Intellectual Property, BCI
A federal grand jury in San Diego indicted four Chinese nationals for the alleged hacking into the computer systems of dozens of companies, universities and government entities in the U.S. and abroad during 2011-18, the Justice Department said in a July 19 news release. Three of the people, Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin, were officers for the Hainan State Security Department (MSS) tasked with coordinating the computer hackers through a front company that the Chinese state agency established, Hainan Xiandun Technology Development. The fourth person, Wu Shurong, worked at Hainin Xiandun and created the malware to hack the systems used by foreign governments, companies and universities, DOJ said.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
The hacking focused on information of “significant economic benefit to China's companies and commercial sectors,” including “information that would allow the circumvention of lengthy and resource-intensive research and development processes,” the release said. The hackers sought intellectual property and confidential business information from businesses in the aviation, defense, education, government, healthcare, biopharmaceutical and maritime sectors. The IP related to “submersibles and autonomous vehicles, specialty chemical formulas, commercial aircraft servicing, proprietary genetic-sequencing technology and data, and foreign information to support China’s efforts to secure contracts for state-owned enterprises within the targeted country,” DOJ said. The victims lived in the U.S., Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland and the United Kingdom.
The hacking scheme would send spearphishing emails to the victims, backed by fake online profiles with links to doppelganger domain names that were created to mimic the domains of legitimate companies, DOJ said. Often, the hacking scheme used anonymizer services, such as The Onion Router, to access malware on the targeted networks and manage the hackers' servers, the release said.
The FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency released a Joint Cybersecurity Advisory with further technical details about the hacking scheme, along with “indicators of compromise and mitigation measures.”