Updates to our Terms of Use

We are updating our Terms of Use. Please carefully review the updated Terms before proceeding to our website.

Thursday, March 28, 2024 | Back issues
Courthouse News Service Courthouse News Service

Chinese Nationals Charged in State-Sponsored Hacking Scheme

Staff and professors at multiple Chinese universities helped recruit hackers and linguists to steal from targeted computer networks, including their peers at foreign universities.

SAN DIEGO (CN) — According to an indictment unsealed Monday, four Chinese nationals working for a state security department were charged in the Southern District of California on charges of hacking computer systems in industries of significant economic benefit to China to steal intellectual property and avoid lengthy, expensive research and development processes.

According to the newly unsealed 30-page federal grand jury indictment, Ding Xiaoyang, Cheng Qingmin, Zhu Yunmin and Wu Shurong engaged in a yearslong conspiracy between 2011 and 2018. During this time, they worked for a front company created by the Hainan Province Ministry of State Security, a foreign intelligence arm of the People Republic of China’s Ministry of State Security, called Hainan Xiandun Technology Development Co. Ltd.

The state department was primarily responsible for domestic counterintelligence, non-military foreign intelligence and certain aspects of political and domestic security.

In the first statement of its kind from the White House, the Biden administration condemned China on Monday for paying shadowy groups for partaking in cybercrimes on behalf of the country. No sanctions were implemented against China for hacking Microsoft email servers harming up to 30,000 people in the U.S., however.

The statement follows comments made in 2018 by former President Donald Trump’s director of national intelligence, Dan COats, who warned China was carrying out nefarious cyber activities targeting government entities on an “unprecedented scale.”

According to acting U.S. attorney Randy Grossman, the indictment alleges the government of China engaged in worldwide economic espionage.

“The defendants include foreign intelligence officials who orchestrated the alleged offenses, and the indictment demonstrates how China’s government made a deliberate choice to cheat and steal instead of innovate,” Grossman said in a statement Monday. “These offenses threaten our economy and national security, and this prosecution reflects the Department of Justice’s commitment and ability to hold individuals and nations accountable for stealing the ideas and intellectual achievements of our nation’s best and brightest people.”

According to the indictment, originally filed under seal on May 28, Hainan Xiandun Technology Development Co. Ltd. held itself out publicly as “a fast-growing high-tech information security company … located in Haikou City, Hainan Province” providing “big data security, security situational awareness, and security technology research … committed to exploring the development trend of cutting-edge science and technology.”

The company employed hackers who stole data from companies and universities researching the Ebola virus and its vaccines as well as maritime research and development, among other important industries, according to the U.S. Attorney’s Office for the Southern District of California.

The scheme was carried out after China’s president, Xi Jinping, made a commitment in 2015 to no longer support electronic theft of intellectual property to provide competitive advantages to Chinese companies or commercial sectors.

“Hainan Xiandun employed hackers also sought to and did steal data from U.S. and foreign government entities, in some instances for use to support PRC’s efforts to secure contracts for state-owned enterprises in the relevant countries,” federal prosecutors claim in the indictment.

Countries targeted in the scheme include the United States, Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland and the United Kingdom.

The defendants coordinated with staff and computer science professors at various universities throughout China to recruit computer hackers and linguists to interpret the stolen material, according to the indictment.

The hackers are accused of installing malware and tools to commit unauthorized computer intrusions to steal proprietary information through phishing emails, which appeared to originate from legitimate accounts and attached malware that would damage and facilitate unauthorized access into recipients’ computer system.

Prosecutors say the defendants used doppelganger domain names to mimic the domains of legitimate companies to trick users into clicking on links.

Universities across the United States were targeted, as were several maritime and aircraft companies and the National Institutes of Health.

Follow Bianca Bruno on Twitter

Follow @@BiancaDBruno
Categories / Criminal, International, Technology

Subscribe to Closing Arguments

Sign up for new weekly newsletter Closing Arguments to get the latest about ongoing trials, major litigation and hot cases and rulings in courthouses around the U.S. and the world.

Loading...