By Chris Ciaccia
Published December 20, 2018
The Department of Justice has charged two Chinese nationals with an extensive hacking campaign the U.S. government says went on for approximately 12 years and affected 45 tech companies and government agencies all across the country.
The case, filed Thursday morning, alleges that defendants Zhu Hua and Zang Shilong, were members of a group known as "Advanced Persistent Threat 10" (APT 10) and acted on behalf of China's main intelligence agency.
The industries affected span a wide spectrum, ranging from pharmaceuticals, oil and gas and communications technology, among several others. "Throughout the Technology Theft Campaign, the APT 10 Group stole hundreds of gigabytes of sensitive data and targeted the computers of victim companies involved in a diverse array of commercial activity," the lawsuit reads.
“The indictment alleges that the defendants were part of a group that hacked computers in at least a dozen countries and gave China’s intelligence service access to sensitive business information,” said Deputy Attorney General Rosenstein in a statement obtained by Fox News. “This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow the international rules in return for the privilege of participating in the global economic system.”
Court papers say the defendants hacked computer service providers to gain access to the networks of businesses and governments in order to steal intellectual property and business data.
The defendants, who have also gone by several aliases including "Godkiller" (Hua) and "Atreexp" (Shilong), worked for Huaying Haitai Science and Technology Development Company in Tianjin, China and "acted in association with the Chinese Ministry of State Security's Tianjin State Security Bureau," the suit states.
The lawsuit also alleges that members of APT10, including Zhu and Zhang, "engaged in an intrusion campaign to obtain unauthoritzed access to the computers and computers networks of managed service providers for business and governments around the world." Twelve countries are named, including Canada, France and Germany, as well as the U.K., U.S. and Switzerland.
“The U.S. government has just accused China of violating its promise not to hack for the commercial advantage of its own industry," said Robert Silvers, partner at Paul Hastings LLP, and former Assistant Secretary for Cyber Policy at the U.S. Department of Homeland Security, in comments obtained by Fox News. "The indictments show there will be a price to pay for that. Companies need to be extra vigilant. Some of the world’s most capable hackers are looking to exploit IT vendors to steal their clients’ most sensitive information. Companies know they need to protect themselves, but they also need to be very sharp on monitoring the cybersecurity controls of their IT managed service providers. Hacks at the vendor level can be just as damaging as a hack on the company itself.”
“It is galling that American companies and government agencies spent years of research and countless dollars to develop their intellectual property, while the defendants simply stole it and got it for free” U.S. Attorney Geoffrey S. Berman added in the statement. “As a nation, we cannot, and will not, allow such brazen thievery to go unchecked.”
In addition, the defendants are alleged to have "comprised more than 40 computers in order to steal confidential data from the U.S. Navy, "including the personally identifiable information of more than 100,000 Navy personnel."
Names of the companies targeted were not included in the brief, but NASA Goddard Space Center, NASA Jet Propulsion Laboratory and the Dept. of Energy's Lawrence Berkeley National Laboratory were allegedly compromised.
The Associated Press contributed to this report. Follow Chris Ciaccia on Twitter @Chris_Ciaccia