A U.S. court has indicted three Chinese nationals for sending phishing emails to and conducting malware attacks on U.S.-based private companies in order to steal sensitive and valuable information.
The three Chinese nationals were found guilty of committing trade secret theft, wire fraud, and conspiring to commit computer fraud and abuse.
Yesterday, the U.S. Department of Justice announced that the said Chinese nationals were residents of Guangzhou in China and were running a cyber security firm named Boyusec. It added that between 2011 and May of this year, the hackers ‘conspired to hack into private corporate entities in order to maintain unauthorized access to, and steal sensitive internal documents and communications from such private companies.
‘Defendants Wu, Dong and Xia launched coordinated and targeted cyber intrusions against businesses operating in the United States, including here in the Western District of Pennsylvania, in order to steal confidential business information,’ said Acting U.S. Attorney Song.
‘These conspirators masked their criminal conspiracy by exploiting unwitting computers, called ‘hop points,’ conducting ‘spearphish’ email campaigns to gain unauthorized access to corporate computers, and deploying malicious code to infiltrate the victim computer networks,’ he added.
Through their phishing campaigns and malware attacks, the said hackers were not only able to breach networks at several U.S. based private companies like Moody’s Analytics, Siemens AG and Trimble Inc., but were also able to get their hands on confidential trade secrets and sensitive employee information.
According to the DoJ, the hackers conducted their operations with the primary goal of copying or stealing confidential data from affected computers, as well as sensitive victim employee information such as usernames and passwords. They probably managed to gain access to ‘hundreds of gigabytes of data regarding the housing finance, energy, technology, transportation, construction, land survey, and agricultural sectors’.
The three Chinese nationals have been charged with one count for conspiring to commit computer fraud and abuse, one for conspiring to commit trade secret theft, one for wire fraud, and four counts for aggravated identity theft. The combined penalty of such crimes adds up to 42 years in prison.
The said hackers stole trade secrets and sensitive corporate information from GPS maker Trimble Inc. so that they could use such knowledge on developing a Global Navigation Satellite Systems technology designed to improve the accuracy of location data on mobile devices. They also stole 407 GB worth proprietary commercial data about Siemens’s energy, technology and transportation businesses in 2015.
Between 2013 and 2014, the hackers also ‘accessed the internal email server of Moody’s Analytics and placed a forwarding rule in the email account of a prominent employee’. As such, they were able to access all e-mails received by such employee and these e-mails contained proprietary and confidential economic analyses, findings and opinions.
The DoJ announcement, however, did not comment on whether the Chinese government was aware of the hack or whether the hacking operation conducted by the three indicted Chinese nationals were state-sponsored.