On Monday, the United States government announced the indictment and imposition of sanctions on Chinese state-sponsored hacking groups. These groups are accused of targeting high-level U.S. officials through various malicious cyber operations.
The indictment, unsealed by the U.S. Department of Justice, charges seven hackers with ties to the Chinese government. These individuals, referred to as threat actors, specifically targeted U.S. government officials, lawmakers, American businesses, and individual dissidents who are afforded protection under American laws.
The hackers, believed to be operating out of China, include the group known as Advanced Persistent Threat 31 (APT31), which has been identified as a malicious cyber group. Since 2010, this group has conducted its cyber operations through Wuhan Xiaoruizhi Science and Technology Company (Wuhan XRZ).
The Justice Department has indicted the hackers, making their identities public as defendants in the case. In an effort to gather more information on the hackers’ network, it is also offering a reward of up to $10 million for details about the organization, along with any connected individuals or entities.
The indictment reveals that the hackers dispatched over 10,000 emails embedded with malicious links, deceptively presented as if originating from reputable news outlets and journalists, along with articles on legal matters. When recipients clicked on these emails, the hackers were able to access and control the victims’ devices, obtaining information such as location, Internet Protocol (IP) addresses, network layouts, and details of the specific devices used to open the emails. According to a press release from law enforcement, this hacking technique has jeopardized economic strategies, intellectual property, and trade secrets belonging to American businesses.
The targets of the hacking efforts included high-ranking officials from the White House and various government agencies, as well as their spouses. Additionally, the hackers aimed at individuals and companies within crucial U.S. industries, including those affiliated with supplying the U.S. military with products and services or offering network security services.
Attorney General Merrick B. Garland stated, “The Justice Department will not tolerate attempts by the Chinese government to intimidate Americans serving the public, silence dissidents protected by American laws, or steal from American businesses.”
Deputy Attorney General Lisa Monaco, with a background in private practice and teaching national security law, further emphasized, “The Department of Justice will tirelessly work to uncover, expose, and bring to justice those cybercriminals who seek to undermine democracies and pose a threat to our national security.”
Meanwhile, the United Kingdom and New Zealand, both of which have also been targets of Chinese hacking efforts, have joined in the accusations against the threat actors.
The Chinese government has denied any involvement in the cyber operations. Foreign Ministry Spokesperson Lin Jian stated on Tuesday that the Chinese government opposes all forms of cyberattacks. He further emphasized that China is actively working to enhance its cyber operations. Lin also urged, “We call on the U.S. and the U.K. to cease politicizing cybersecurity issues, to halt their defamation of China and the imposition of unilateral sanctions against it, and to stop conducting cyberattacks against China.”