WASHINGTON (CN) – Accusing China of trying to cyberattack its way to superpower status, U.S. prosecutors unsealed an indictment Thursday against two Chinese hackers who remain at large.
“China’s goal, simply put, is to replace the U.S. as the world’s leading superpower and they’re using illegal methods to get there,” FBI Director Christopher Wray said at a press conference this morning in Washington.
Though former President Barack Obama and Chinese President Xi Jinping struck an agreement in 2015 to cease hacking and cyber-enabled intellectual property theft, Deputy Attorney General Rod Rosenstein said today that the Chinese campaign of economic espionage has grown steadily since that time.
The 23-page indictment unsealed today in New York takes aim at the Chinese hackers Zhu Hua and Zhang Shlong, describing their online aliases as Godkiller and Atreexp, respectively.
Both allegedly conspired to commit wire fraud and aggravated identity theft as members of a hacking collective known as Advanced Persistent Threat 10.
Prosecutors say that the group’s first campaign began in 2006, targeting commercial and defense-technology companies, as well as U.S. government agencies, for theft of information and data.
“Specifically, the APT10 Group obtained unauthorized access to the computers of more than 45 such entities based in at least 12 states, including Arizona, California, Connecticut, Florida, Maryland, New York, Ohio, Pennsylvania, Texas, Utah, Virginia, and Wisconsin,” says the indictment, which is dated Dec. 17 but not unsealed before this morning.
More than a dozen U.S. allies, including Britain, Germany, Japan, Australia and Canada, are also expected to join the U.S. in its condemnation of China’s tactics later today. Each of the countries has found itself a target of Chinese spy campaigns over the years, with a particular uptick in more recent memory, officials claimed Thursday.
Prosecutors say the string of attacks that brought together this international coalition began in 2016, targeting computer networks known as managed service providers, or MSPs.
“The APT10 Group targeted MSPs in order to leverage the MSPs’ networks to gain unauthorized access to the computers and computer networks of the MSPS’ clients and steal, among other data, intellectual property and confidential business data on a global scale,” the indictment continues. “For example, through the MSP Theft Campaign, the APT10 Group obtained unauthorized access to the computers of an MSP that had offices in the Southern District of New York and compromised the data of that MSP and certain of its clients located in at least 12 countries, including Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, the United Arab Emirates, the United Kingdom, and the United States.”
U.S. Attorney Geoffrey Berman said that the U.S. agencies targeted in the attack included NASA, the Department of Energy and the Navy.
Prosecutors say that the hackers compromised sensitive information from more than 100,000 Navy personnel, including their names, Social Security numbers, dates of birth, salary information, personal phone numbers and email addresses.
Despite the alleged hackers being based in Tianjin, China – and believed to be acting in cahoots with the Chinese Ministry of State Security’s Tianjin State Security Bureau – Berman said that the publicity of the charges would make them hunted fugitives.
“You cannot remain anonymous even if you are halfway across the world,” Berman said.
The men are charged with three counts: aggravated identity theft, conspiring to commit computer intrusions and wire fraud. The charges carry a combined maximum sentence of 27 years in prison.
Courthouse News reporter Brandi Buchman reported from Washington, D.C.