The U.S. Department of Justice indicted four Chinese hackers Guoan disguised as “Hainan Xian shield” was detected

The U.S. Department of Justice on Monday (19) released the names of four Chinese hackers, three of whom are from Hainan State Security, and one of whom is affiliated with Hainan State Security’s front company, Hainan Xian Shield. The four Chinese are accused of conspiring to commit computer fraud and economic espionage by hacking into the computer systems of dozens of companies, universities and governments in the United States and abroad between 2011 and 2018.

A federal grand jury in San Diego, California, agreed to indict the four Chinese hackers when it returned an indictment in May.

The four are Ding Xiaoyang, Cheng Qingmin, Zhu Yunmin and Wu Shurong, according to documents released Monday by the U.S. Department of Justice. The first three are from the Hainan State Security Department (HSSD) and are responsible for coordinating, assisting and managing hackers and linguists to carry out cyber attacks in China’s favor. The fourth defendant, Wu Shurong, is a hacker affiliated with Hainan Xiandun Technology Development Co., Ltd. and was responsible for creating malware to hack into the computer systems of foreign governments, companies and universities, as well as mentoring other hackers.

The DOJ statement said their collusive hacking activities compromised the United States, Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland and the United Kingdom, and the industries compromised included the aviation, defense, education, government, healthcare, biopharmaceutical and maritime sectors.

The indicted individuals are each charged with one count of conspiracy to commit computer fraud, which carries a maximum penalty of five years in prison, and one count of conspiracy to commit economic espionage, which carries a maximum penalty of 15 years in prison. The Federal Bureau of Investigation (FBI) has issued warrants for the four hackers in connection with China’s Hainan state security.

The FBI’s wanted notices are even more powerful than Interpol’s “Red Notice” and need to be enforced in countries that have mutual legal assistance with the U.S. Huawei Meng Wanzhou is a typical example, said Gao Guangjun, a lawyer practicing in New York, to this station.

Gao Guangjun: A judicial decision is a very harsh matter for many people, which means that once there is a decision, he must be executed. The remaining question is, how to enforce it? If the U.S. government is bound to enforce this, then the person who is sentenced may only stay in China forever. Once he goes to any other place, he will be threatened. The United States has judicial cooperation with countries in Southeast Asia, with Thailand, with the Philippines, with all of these countries, including South Korea and Japan. If the FBI has a wanted person, if they want to catch that person, then of course.

The U.S. Department of Justice documents describe these hackers from China’s State Security coordinating hacking activities through faculty and professors at universities in Hainan and elsewhere in China that not only assisted the Hainan State Security Department in finding and recruiting hackers and linguists, but also included their counterparts from foreign universities. One university in Hainan also has personnel who help support and manage the “Hainan Xian Shield,” including responsibility for salaries, benefits, and addresses.

Trade secrets and secret business information stolen included sensitive technology for submersibles and self-driving cars, special chemical formulas, commercial aircraft services, patented gene sequencing, and support for Chinese state-owned enterprises in securing foreign contracts, such as major high-speed rail development projects. As for at research institutions and universities, those stolen include research on infectious diseases related to Ebola, Middle East respiratory syndrome, HIV, Marburg virus and rabbit fever.

Southern District of California Attorney Randy Grossman noted, “The indictment shows that the Chinese government has chosen to go for deception and theft rather than relying on innovation. These crimes threaten our economy and national security. This indictment underscores the commitment and ability of the Department of Justice – to hold individuals and nations accountable for stealing the ideas and achievements of our nation’s best and brightest.”

The NSA released a report on the same day that identified more than 50 tactics, techniques and methods used by the Chinese government to support hackers.

China, for its part, responded by strongly rejecting the speculation-filled and baseless accusations, the fact that China is one of the main victims of cyber attacks, and that politicization and stigmatization will not help solve the cybersecurity problem.