Export Compliance Daily is a Warren News publication.

4 Chinese Nationals Indicted for Computer Hacking to Obtain Intellectual Property, BCI

A federal grand jury in San Diego indicted four Chinese nationals for allegedly hacking into the computer systems of dozens of companies, universities and government entities in the U.S. and abroad during 2011-18, the Justice Department said in a July 19 news release. Three of the people, Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin, were officers for the Hainan State Security Department (MSS) tasked with coordinating the computer hackers through a front company that the Chinese state agency established, Hainan Xiandun Technology Development. The fourth person, Wu Shurong, worked at Hainan Xiandun and created the malware to hack the systems used by foreign governments, companies and universities, DOJ said.


The hacking focused on information of “significant economic benefit to China's companies and commercial sectors,” including “information that would allow the circumvention of lengthy and resource-intensive research and development processes,” the release said. The hackers sought intellectual property and confidential business information from businesses in the aviation, defense, education, government, healthcare, biopharmaceutical and maritime sectors. The IP related to “submersibles and autonomous vehicles, specialty chemical formulas, commercial aircraft servicing, proprietary genetic-sequencing technology and data, and foreign information to support China’s efforts to secure contracts for state-owned enterprises within the targeted country,” DOJ said. The victims lived in the U.S., Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland and the United Kingdom.

The hacking scheme would send spearphishing emails to the victims, backed by fake online profiles with links to doppelganger domain names that were created to mimic the domains of legitimate companies, DOJ said. Often, the hacking scheme used anonymizer services, such as The Onion Router, to access malware on the targeted networks and manage the hackers' servers, the release said.

The FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency released a Joint Cybersecurity Advisory with further technical details about the hacking scheme, along with “indicators of compromise and mitigation measures.”