Dec 20, 2018

DOJ indicts 2 Chinese agents for hacking U.S. organizations

Photo: Castaneda Luis/AGF/UIG via Getty Images

The Department of Justice unsealed indictments against 2 Chinese hackers affiliated with the Ministry of State Security Friday.

Why it matters: The group known as APT 10, running a campaign nicknamed Operation Cloud Hopper, recently attacked managed IT services, providing a gateway to intellectual property and trade secrets worldwide. The group has attacked biotech, healthcare, NASA, oil and gas exploration, and other industries.

What they're saying: "It's just as if they broke into the companies and stole the data physically," said Deputy Attorney General Rod Rosenstein.

Details: The two hackers, Zhu Hua and Zhang Shilon, are said in the indictment to have attacked more than 45 technology companies in at least a dozen U.S. states as well as U.S. government agencies — including obtaining the personal information of more than 100,000 naval service members.

  • The DOJ alleges the pair worked for Huaying Haitai Science and Technology Development Company and were contracted by China as cyber mercenaries.
  • Per the indictment, APT 10 has been active since at least 2006 and has been attacking managed service providers since 2014.
  • Other nations with APT 10 targets included Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, the United Arab Emirates, and the United Kingdom.

Background: "Cloud Hopper is one of the most aggressive of Chinese groups," said Ben Read, senior manager for cyber intelligence at FireEye.

  • FireEye has seen the group involved in a great deal of economic espionage, ranging from hacking internet service providers to targeting a pharmaceutical firm.
  • "An indictment might pause operations, but probably won't stop them," said Read, noting an array of other Chinese groups involved in seemingly state-sanctioned commercial espionage.

The Department of Justice has been on a recent tear of filing charges against Chinese officials.

  • Then-Attorney General Jeff Sessions announced a new DOJ China initiative on Nov. 1 while discussing the indictment of a Taiwanese, state-owned company for theft of trade secrets from U.S.-based Micron.
  • But even before the initiative, Chinese intellectual property theft was on the DOJ's radar for quite a while. Prosecutions can take years to develop, and former officials believe the current flurry of indictments is the fruit of a strategy that began back in the Obama administration.
  • At a Senate Judiciary Committee hearing last week, John Demers, assistant attorney general for the National Security Division, said 90% of intellectual property theft that involved a foreign country came out of China, which Rosenstein echoed Thursday.

The trade war with China is notionally a separate issue than intellectual property theft, as is the arrest of a Huawei executive for trade sanctions violations, the penalizing of ZTE for similar trade sanctions violations and the U.S. accusations of election interference. But all these issues combine to form a slurry of discord between the Trump administration and China.

Go deeper

Biden bets it all on South Carolina

Illustration: Eniola Odetunde/Axios

COLUMBIA, S.C. — Most Joe Biden admirers Axios interviewed in South Carolina, where he's vowed to win today's primary, said they're unfazed by his embarrassing losses in Iowa, New Hampshire and Nevada.

Why it matters: Biden has bet it all on South Carolina to position himself as the best alternative to Bernie Sanders — his "good buddy," he tells voters before skewering Sanders' record and ideas.

Coronavirus updates: Market ends worst week since financial crisis

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens.

The stock market ended its worst week since the financial crisis, prompting the Fed to release a statement. Meanwhile, the WHO warned that countries are losing their chance to contain the novel coronavirus and raised its global risk assessment to "very high" Friday.

The big picture: COVID-19 has killed more than 2,860 people and infected more than 84,000 others in over 60 countries and territories outside the epicenter in mainland China. The number of new cases reported outside China now exceed those inside the country.

Go deeperArrowUpdated 12 hours ago - Health

California coronavirus: Latest case has no recent history of international travel

Gov. Gavin Newsom. Photo: Kevork Djansezian/Getty Images

A new case of the novel coronavirus in California was announced on Friday after Gov. Gavin Newsom said Thursday that 33 people had tested positive for the virus, noting the risk to the public remains low.

What's new: An adult woman with chronic health conditions in Santa Clara County who "did not recently travel overseas" or come into contact with anyone known to be ill was confirmed to have contracted the coronavirus on Friday by CDC and California Department of Public Health officials.

Go deeperArrowUpdated 13 hours ago - Health