West accuses China of carrying out ‘malicious’ cyber warfare campaign

Britain claims group acting on behalf of the Chinese government has allegedly been targeting commercial secrets globally

Britain has accused China of carrying out a global campaign of cyber warfare. Bloomberg
Powered by automated translation

Britain and its allies have accused elements of the Chinese government of carrying out an “malicious” cyber warfare campaign targeting commercial secrets around the world.

A group, known as APT 10, acting on behalf of the Chinese Ministry of State Security targeted intellectual property and sensitive commercial data in Europe, Asia and the US, the British government said.

Britain’s National Cyber Security Centre (NCSC) said it had assessed “with the highest level of probability” that APT 10 is responsible for a “sustained cyber campaign” focused on large-scale service providers. It added that the group was targeting a range of global companies.

Foreign secretary Jeremy Hunt said on Thursday: “This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world

“These activities must stop. They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.

“Our message to governments prepared to enable these activities is clear: together with our allies, we will expose your actions and take other necessary steps to ensure the rule of law is upheld.”

On the same day, Deputy Attorney General Rod Rosenstein and FBI Director Christopher Wray announced the indictment of two Chinese hackers accused of being part of the APT 10 group.

The Chinese citizens, who prosecutors said were acting on behalf of China’s main intelligence agency, are accused of penetrating networks of US agencies and companies.

Mr Wray said the investigation showed that China's goal is “to replace the US as the world's superpower” using illegal methods.

The indictment unsealed in federal court in Manhattan on Thursday, Zhu Hua and Zhang Shilong were accused of conducting an “extensive” hacking campaign, allegedly infiltrating 45 U.S. companies and government agencies, as well as other firms in more than a dozen countries.

The hackers, known in the cybersecurity community as Advanced Persistent Threat 10, stole information from companies in an array of industries, including banking and finance, telecommunications, biotechnology, automotive, health care and mining, according to the indictment.

The group hacked the US Navy, making off with the personal data of more than 100,000 personnel, and successfully infiltrated computers linked to NASA’s jet propulsion laboratory, the indictment said.

“This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow international rules,” Mr Rosenstein said in a statement.

The crackdown on Chinese cyber-espionage comes as the Trump administration faces off with Beijing on trade. Since July, the two countries have imposed tariffs on a combined $360 billion in each other’s imports, a bruising conflict that economists say could undermine the global upswing at a time when growth is levelling off.

_______________

Read more:

Hacked diplomatic cables EU reveal concerns over Trump and Russia

Fresh evidence of China hacking hardware found in US telecom

_______________

The defendants worked in coordination with the Chinese Ministry of State Security’s Tianjin State Security Bureau, according to the indictment. Their group was also known as “Red Apollo,” “CVNX,” “Stone Panda” and other names, according to the indictment.

The group used a technique known as spear phishing, in which emails are sent pretending to be from legitimate addresses to targets with attached documents and files that would secretly install malware if opened. That gives hackers access to the subject’s computer and allows them to steal user names and passwords, files and other information.

Zhu, Zhang and other hackers gained access to at least 90 computers belonging to commercial and defence technology companies and federal government agencies, in at least a dozen states -- including NASA’s Goddard Space Flight Center in Greenbelt, Maryland and Jet Propulsion Laboratory in Pasadena, California, the US said.

“It is galling that American companies and government agencies spent years of research and countless dollars to develop their intellectual property, while the defendants simply stole it and got it for free,” said US Attorney Geoffrey Berman in Manhattan. “We cannot, and will not, allow such brazen thievery to go unchecked.”