The US Department of Justice has charged five Chinese with hacks targeting more than 100 companies and institutions in the US and abroad, including social media and video game companies, as well as universities and telecoms, officials said on Wednesday.
The five defendants remain fugitives, but prosecutors said that two Malaysian businessmen charged with conspiring with the alleged hackers to profit off the attacks on the video game industry were arrested in Malaysia this week and face extradition proceedings.
The indictments are part of a broader effort by the US to call out cybercrimes by China.
US prosecutors in July accused hackers of working with the Chinese government to target companies developing vaccines for COVID-19, and of stealing hundreds of millions of dollars of intellectual property and trade secrets from companies worldwide.
Though those allegations were tailored to the pandemic, the charges announced on Wednesday — and the range of victims identified — were significantly broader, and involved attacks done both for monetary gain as well as more conventional espionage purposes.
In unsealing three related indictments, officials laid out a wide-ranging hacking scheme, targeting a variety of business sectors and academia, carried out by a China-based group known as APT41.
That group has been tracked over the past year by the firm Mandiant Threat Intelligence, which described the hackers as prolific, and successful at blending criminal and espionage operations.
The department did not directly link the hackers to the Chinese government, but officials said that the hackers were probably serving as proxies for Beijing because some of the targets, including pro-democracy activists and students at a university in Taiwan, were in line with government interests and did not appear to be about scoring a profit.
“A hacker for profit is not going to hack a pro-democracy group,” said Acting US Attorney for the District of Columbia Michael Sherwin.
In addition, one of the five defendants told a colleague that he was very close to the Chinese Ministry of State Security and would be protected “unless something very big happens,” US Deputy Attorney General Jeffrey Rosen said.
Rosen criticized the Chinese government for what he said was a failure to disrupt hacking crimes and to hold hackers accountable.
“Ideally, I would be thanking Chinese law enforcement authorities for their cooperation in the matter and the five Chinese hackers would now be in custody awaiting trial,” Rosen said. “Unfortunately, the record of recent years tells us that the Chinese Communist Party has a demonstrated history of choosing a different path, that of making China safe for their own cybercriminals, so long as they help with its goals of stealing intellectual property and stifling freedom.”
In Taipei, the Ministry of Education yesterday said that it was looking into the alleged leak of personal information involving a university.
A university was hacked in October last year and the personal information of 67,000 faculty, students and other employees was stolen, the US indictment said.
A Taiwanese energy company was also the victim of ransomware planted by the hackers on May 4, with malware preventing company officials accessing the system while it targeted a payment system in the retail sector, the indictment said.
Additional reporting by Rachel Lin
EXTENSION: The route chosen by the transport ministry was the longest of three options, and the most expensive, but it would ensure clean water for greater Taipei The Ministry of Transportation and Communications yesterday finalized route for a Taiwan High Speed Rail line to Yilan County, which avoids the Feitsui Water Reservoir’s (翡翠水庫) watershed, a source within the ministry said. The ministry originally had three proposals for the Taipei-Yilan section of the railway, two of which were shorter, but crossed the watershed, while the ministry-proposed route, although longer, completely avoids it. Premier Su Tseng-chang (蘇貞昌) approved the ministry’s decision yesterday after being briefed on the issue at a meeting and is expected to announce the plan in Yilan in the coming days. While the chosen route is the most expensive
ATTACK UNLIKELY: China would become ‘pariahs internationally for just the wanton destruction of Taiwan’ and would have little to gain from it, Trump’s security adviser said A top White House official on Friday urged Taiwan to build up its military capabilities to protect against a possible invasion by China, saying that Beijing would have that ability in 10 to 15 years. US President Donald Trump’s National Security Adviser Robert O’Brien told the Aspen Security Forum that a missile attack by China against Taiwan would be much too destructive. An amphibious attack is a possibility, although at the moment it is beyond China’s capability, he said. However, China could combine that threat with “gray zone” operations, embargoes, harassment and other actions to intimidate the nation if Taipei does not build
REGISTRATION ROW: The online marketplace stopped taking new orders before noon yesterday and said that it would help sellers complete their deals before going offline E-commerce site Taobao Taiwan (淘寶台灣) yesterday announced that it would leave the Taiwanese market at the end of this year, after being told by the Investment Commission to register as a Chinese entity. It made the “tough decision” to leave Taiwan, effective Jan. 1 next year, due to “market uncertainties” and was in talks with its employees over a redundancy scheme, the company said in a statement. It would also help sellers on its site complete their outstanding deals to protect their rights and those of the buyers, it said. The company said that it had decided to stop taking new orders before
UNFOUNDED CLAIMS: Hong Kong air traffic controllers told a Taiwanese aircraft to leave due to ‘dangerous activities,’ but the military said it found no reason for the claim Minister of National Defense Yen De-fa (嚴德發) yesterday called on Beijing to respect international aviation rules and refrain from undermining air travel after Hong Kong air traffic controllers on Thursday morning warned off a Taiwanese flight. A military chartered supply flight operated by Uni Air (立榮航空) from Kaohsiung to the Taipei-controlled Pratas Islands (Dongsha Islands, 東沙群島) in the South China Sea was forced to turn back on its way to the disputed islands, where 250 Taiwanese coast guard personnel are deployed, the Civil Aeronautics Administration (CAA) said. Hong Kong air traffic controllers denied the Uni Air ATR2-600 aircraft authorization to enter the