The Justice Department announced charges against four Chinese nationals on Monday, accusing the men of being part of a hacking group that attacked “companies, universities and government entities in the United States and abroad between 2011 and 2018.”
The charges were announced as the United States and a coalition of allies on Monday accused China’s Ministry of State Security of a global cyber hacking campaign, specifically attributing a large Microsoft attack disclosed earlier this year to hackers working on Beijing’s behalf.
According to a release from the DOJ, a San Diego federal grand jury returned the indictment of all four in May and it was unsealed on Friday.
The hacking was sponsored by the Ministry of State Security and focused on information that would significantly benefit Chinese companies and businesses, including research and development processes.
The indictment says Ding Xiaoyang, Cheng Qingmin, and Zhu Yunmin were members of the Hainan State Security Department working covertly within a front company called Hainan Xiandun Technology Development Co., Ltd.
The defendants and officials in the Hainan State Security Department (HSSS) tried to hide the Chinese government’s role in the information theft by using a front company.
The DOJ noted that the group attacked companies across the US, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, UK, Austria, Cambodia, Canada, and Germany. Most of the attacks targeted companies working in the defense, education, healthcare, biopharmaceutical, and aviation sectors.
“These criminal charges once again highlight that China continues to use cyber-enabled attacks to steal what other countries make, in flagrant disregard of its bilateral and multilateral commitments,” Deputy U.S. Attorney General Lisa Monaco said in the statement.
At research institutes and universities, the conspiracy targeted infectious-disease research related to Ebola, MERS, HIV/AIDS, Marburg, and tularemia.”
The FBI and CISA have issued advisories designed to help organizations defend themselves against some of the tactics deployed by the four hackers that were charged. The Joint Cyber Security Advisory has “technical details, compromise indicators, and mitigation measures”.