Two Chinese men have been charged in a massive, years-long hacking campaign that stole personal and proprietary information from companies around the world, the FBI and the Justice Department announced at a press conference today in Washington, D.C.
The men, Zhu Hua and Zhang Shilong, are part of a group known as Advanced Persistent Threat 10, or APT 10, a hacking group associated with the Chinese government. A New York grand jury indicted the pair for conspiracy to commit computer intrusion, conspiracy to commit wire fraud, and aggravated identity theft. The indictment was unsealed today.
According to the indictment, from around 2006 to 2018, APT 10 conducted extensive hacking campaigns, stealing information from more than 45 victim organizations, including American companies. Hundreds of gigabytes of sensitive data were secretly taken from companies in a diverse range of industries, such as health care, biotechnology, finance, manufacturing, and oil and gas.
FBI Director Christopher Wray described the list of companies, not named in the indictment, as a “Who’s Who” of the global economy. Even government agencies like NASA and the Department of Energy were among the victims. The hack is part of China’s ongoing efforts to steal intellectual property from other countries.
“Healthy competition is good for the global economy. Criminal conduct is not. Rampant theft is not. Cheating is not,” Wray said at the press conference.
APT 10 used “spear phishing” techniques to introduce malware onto targeted computers. The hackers sent emails that appeared to be from legitimate addresses but contained attachments that installed a program to secretly record all keystrokes on the machine, including user names and passwords. The group also targeted managed service providers (MSPs), companies that remotely manage their clients’ servers and networks. MSP hacks allowed APT 10 members to indirectly gain access to the confidential data of numerous companies that were clients of the MSPs.