Justice Department charges Chinese nationals in 'extensive' global hacking campaign

By Kate Fazzini, Kevin Breuninger

The Justice Department on Thursday announced charges against two Chinese nationals on charges of participating in a global hacking campaign to steal technology company secrets and intellectual property, as well as the personal data of more than 100,000 members of the U.S. Navy.

Zhu Hua and Zhang Shilong are charged with conspiracy to commit computer intrusions and wire fraud, as well as aggravated identity theft, as part of years-long campaigns to steal from numerous foreign governments and dozens of companies. They remain at large.

Through a hacking group known as "Advanced Persistent Threat 10" or "APT10" — as well as other names including "Red Apollo" and "Stone Panda" — the defendants stole information from at least 45 U.S. tech companies and government agencies, authorities said.

Prosecutors also accused the two of operating in conjunction with the Chinese government.

"China will find it difficult to pretend that it is not responsible for this action," Deputy Attorney General Rod Rosenstein said at a press conference.

Read the DOJ's charging document here.

The indictment says Zhu and Zhang engaged in technology thefts that began in 2006 and a campaign to steal intellectual property and other data from remote-access client-management companies that started in 2014.

Over the course of the latter campaign, the two accessed computers related to victim companies in "at least 12 countries," the filing alleges.

"China's goal, simply put, is to replace the U.S. as the world's largest global superpower," FBI Director Christopher Wray said at the press conference.

The defendants' group allegedly stole information from at least 45 U.S. technology companies and government agencies. Most of the companies were not named, though the document says that the agencies targeted included the Department of Energy's National Laboratory and NASA's jet propulsion lab.

APT10 allegedly hacked into more than 40 computers connected to the U.S. Navy and stole confidential data, including "the personally identifiable information of more than 100,000 Navy personnel."

They're also accused of hacking three communications technology companies, three companies "involved in manufacturing advanced electronic systems," a maritime technology company, an oil and gas company, and at least 25 other technology-related companies.

In a joint statement, Secretary of State Mike Pompeo and Homeland Security Secretary Kirstjen Nielsen said the alleged hacks "present a very real threat to the economic competitiveness of companies in the United States and around the globe."

"We strongly urge China to abide by its commitment to act responsibly in cyberspace and reiterate that the United States will take appropriate measures to defend our interests," Pompeo and Nielsen said.

The action comes as China and the U.S. are embroiled in volatile trade negotiations. The talks have already been complicated by Canadian authorities' Dec. 1 arrest of Huawei CFO Meng Wanzhou, one of China's largest companies, at the behest of the Justice Department.

The DOJ has indicted several alleged Chinese hackers in recent years. The actions are part of a "naming and shaming" campaign meant to hold Beijing accountable for alleged state-sponsored intellectual property theft from and espionage on corporations. However, the accused hackers are rarely extradited to the United States to face trial.

Later Thursday, the U.S. and more than a dozen allies are expected to condemn China for its alleged economic and technological malfeasance, The Washington Post reported.

U.S. allies including Britain, Germany, Australia, Canada and Japan will reportedly join that condemnation. Companies or institutions in each of those countries have claimed to be the victims of attempted cybersecurity breaches by Chinese hackers.

New sanctions addressing China's alleged cyber-chicanery are also expected to come Thursday, according to the Post.