U.S. Indicts 4 Chinese Communist Agents for Leading Hacking Attacks

The U.S. Department of Justice announced July 19 that it has charged four Chinese nationals with participating in a global hacking operation led by the Chinese Communist Party’s Ministry of State Security to break into computer systems. The attacks targeted dozens of companies, universities and government agencies in the United States and other countries from 2011 to 2018, stealing intellectual property and confidential business information, including infectious disease research, among other things.

A federal grand jury in San Diego, California, indicted four Chinese nationals living in China last May, the U.S. Department of Justice said Monday. The indictment, disclosed to the public Monday, alleges that much of the computer hacking operation focused on stealing information of significant economic interest to Chinese companies and businesses, including information that would allow China to bypass lengthy and resource-intensive research and development processes.

The defendants and their co-conspirators in China’s Hainan State Security Department sought to disguise the Chinese government’s role in the theft by setting up a front company, Hainan Xian Dun Technology Development Co.

The two-count indictment alleges that defendants Ding Xiaoyang, Cheng Qingmin, and Zhu Yunmin were agents of the Hainan Provincial Department of State Security responsible for coordinating, facilitating, and managing the computer hacking and linguistic operations of Hainan Xian Dun, as well as other front companies of the Chinese Ministry of State Security, to engage in hacking operations that benefited the Chinese government and state-run institutions. In addition, computer hacker Shu Rong Wu, as part of her duties at Hainan Xian Dun, wrote malware to hack into the computer systems of foreign governments, companies, and universities, and managed other hackers at Hainan Xian Dun.

The hacks targeted victims in the United States, Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, and the United Kingdom. Industries victimized include aerospace, defense, education, government, health, biopharmaceutical, and maritime. Industry secrets and confidential business information stolen included sensitive technologies used in submersibles and autonomous vehicles, particularly chemical equations, commercial aircraft maintenance, patented gene sequencing technologies and data, and country-specific information that could help the Chinese government obtain contracts for state-run enterprises, including contracts for the massive development of high-speed rail projects. The indictment also states that the hacking operations against research institutions and universities stole research on infectious diseases such as Ebola, Middle East respiratory syndrome, HIV and AIDS, Marburg virus and rabbit fever.

The indictment also states that the alleged Chinese DSS agents coordinated with personnel and professors at various universities in Hainan Province and other parts of China to further the hacking goals. These universities helped the DSS identify and recruit hackers and linguists to break into the computer systems of the targeted entities and steal information, and one university in Hainan also helped support and manage Hainan Xian Dun, including by paying salaries and benefits and providing mailing addresses.

U.S. Deputy Attorney General Lisa Monaco said, “These criminal charges once again highlight the Chinese Communist Party’s continued use of cyberattacks to steal the intellectual property of other countries in blatant defiance of its bilateral and multilateral commitments. China’s hacking campaign includes targeting more than a dozen countries in areas ranging from healthcare and biomedical research to aerospace and defense. These attacks remind us that no country or industry is safe. Today’s international condemnation shows that the world wants fair rules and that countries can invest in innovation, not theft.”

Reuters reported Monday that the announcement of the charges and indictments came as the U.S. and its allies condemned China’s Ministry of State Security for engaging in global cyber hacking, noting in particular that the massive intrusion against U.S. company Microsoft revealed earlier this year was also the work of hackers in the service of the Chinese government.