December 21, 2018
The Trump administration has charged two Chinese citizens accused of involvement in a state-sponsored effort to steal information from government agencies, various businesses and managed service providers. The hackers are said to be members of China’s elite APT10 group, and prosecutors claim there are direct links between the accused and China’s Ministry of State Security. The U.S. says China’s cyberattacks have become significant national and economic security threats. The latest charges indicate that Chinese authorities directed the hacking campaign.
For now, the U.S. is holding off on sanctioning those that have benefited from the hacks. According to senior Justice Department and other government officials, China has violated an earlier agreement with the Obama administration that does not allow such state-sponsored hacking for any type of economic gain.
“The charges come amid a broader push by the U.S. to deter cyberattacks and technology theft and reset trade relations with the world’s second largest economy on more favorable terms, through tariffs, sanctions, indictments and investment restrictions,” reports The Wall Street Journal.
“No country should be able to flout the rule of law — so we’re going to keep calling out this behavior for what it is: illegal, unethical and unfair,” said FBI director Christopher Wray. “No country poses a broader, more severe long-term threat.”
“Deputy Attorney General Rod Rosenstein said at the news conference … that more than 90 percent of Justice Department cases alleging economic espionage over the past seven years involved China, as did over two-thirds of those involving theft of trade secrets,” notes WSJ.
APT10 has targeted automotive, banking, energy, health care and telecom businesses. Sources suggest that HP, IBM and Marriott are among the group’s victims. The two defendants “are also accused of participating in hacking campaigns that targeted several U.S. government agencies, including the Energy Department, laboratories at NASA and the U.S. Navy,” explains WSJ.
According to Wired, the “hacking group decided to target not just individual companies in its long-standing efforts to steal intellectual property, but instead focus on so-called managed service providers. They’re the businesses that provide IT infrastructure like data storage or password management. Compromise MSPs, and you have a much easier path into all these clients.”
China Hacked HPE, IBM and Then Attacked Clients, Reuters, 12/20/18