Justice Department Charges Four Chinese Nationals Working for Global Intrusion Campaign

By Alvaro Marañon
Monday, July 19, 2021, 12:47 PM

On July 16, the Department of Justice unsealed a grand jury indictment from May 28 against four Chinese nationals for a global computer intrusion campaign that targeted the computer systems of companies, universities and government entities in the United States and eleven other countries between 2011 and 2018. The four defendants are charged with "conspiracy to damage protected computers and conspiracy to commit economic espionage." The four defendants are identified as residents and nationals of China, and three of the defendants are alleged to have been active officers in the Hainan State Security Department, a provincial arm of China’s Ministry of State Security, during the group’s hacking efforts. The defendants are alleged to have created front companies "to conduct the hacking for the benefit of China and its state-owned and sponsored instrumentalities."

At the same time, the Cybersecurity and Infrastructure Security Agency and the FBI released a joint cybersecurity advisory related to this Chinese advanced persistent threat group (APT40). The advisory included details about the APT40’s tactics, techniques and procedures, and other information relevant to identifying and remediating the APT40 intrusions.

Concurrently, the White House also released a joint statement with allies and partners that “exposes” the People’s of Republic of China as engaging in a pattern of “malicious cyber activity and irresponsible state behavior.” The group of allies includes the European Union, the United Kingdom and NATO.

You can read the indictment here and below: