US indicts seven Chinese hackers; China denies allegations

By Minkyung Shin, The Readable
Mar. 27, 2024 8:50PM GMT+9

On Monday, the United States government announced the indictment and imposition of sanctions on Chinese state-sponsored hacking groups. These groups are accused of targeting high-level U.S. officials through various malicious cyber operations.

The indictment, unsealed by the U.S. Department of Justice, charges seven hackers with ties to the Chinese government. These individuals, referred to as threat actors, specifically targeted U.S. government officials, lawmakers, American businesses, and individual dissidents who are afforded protection under American laws.

The hackers, believed to be operating out of China, include the group known as Advanced Persistent Threat 31 (APT31), identified as a malicious cyber group. Since 2010, this group has conducted its cyber operations through Wuhan Xiaoruizhi Science and Technology Company (Wuhan XRZ).

The Justice Department has indicted the hackers, making their identities public as defendants in the case. In an effort to gather more information on the hackers’ network, it is also offering a reward of up to $10 million for details about the organization, along with any connected individuals or entities.

Source: U.S. Department of State Diplomatic Security Service Rewards for Justice

The indictment reveals that the hackers dispatched over 10,000 emails embedded with malicious links, deceptively presented as if originating from reputable news outlets and journalists, along with articles on legal matters. When recipients clicked on these emails, the hackers were able to access and control the victims’ devices, obtaining information such as location, Internet Protocol (IP) addresses, network layouts, and details of the specific devices used to open the emails. According to a press release from law enforcement, this hacking technique has jeopardized economic strategies, intellectual property, and trade secrets belonging to American businesses.

The targets of the hacking efforts included high-ranking officials from the White House and various government agencies, as well as their spouses. Additionally, the hackers aimed at individuals and companies within crucial U.S. industries, including those affiliated with supplying the U.S. military with products and services or offering network security services.

Attorney General Merrick B. Garland stated, “The Justice Department will not tolerate attempts by the Chinese government to intimidate Americans serving the public, silence dissidents protected by American laws, or steal from American businesses.”

Deputy Attorney General Lisa Monaco, with a background in private practice and teaching national security law, further emphasized, “The Department of Justice will tirelessly work to uncover, expose, and bring to justice those cybercriminals who seek to undermine democracies and pose a threat to our national security.”

Meanwhile, the United Kingdom and New Zealand, both of which have also been targets of Chinese hacking efforts, have joined in the accusations against the threat actors.

Foreign Ministry Spokesperson Lin Jian is answering questions from reporters at a press conference on March 26. Source: Ministry of Foreign Affairs of China

The Chinese government has denied any involvement in the cyber operations. Foreign Ministry Spokesperson Lin Jian stated on Tuesday that the Chinese government opposes all forms of cyberattacks. He further emphasized that China is actively working to enhance its cyber operations. Lin also urged, “We call on the U.S. and the U.K. to cease politicizing cybersecurity issues, to halt their defamation of China and the imposition of unilateral sanctions against it, and to stop conducting cyberattacks against China.”

The cover image of this article was designed by Areum Hwang. This article was edited by Dain Oh and copyedited by Arthur Gregory Willers.

Minkyung Shin serves as a reporting intern for The Readable, where she has channeled her passion for cybersecurity news. Her journey began at Dankook University in Korea, where she pursued studies in Journalism and Software Convergence Contents. During her university studies, Shin led a team project that developed an Augmented Reality (AR) Face Tracking Service application and authored a paper titled ‘AR Face Tracking Based on Service Content’. In 2023, she expanded her experiences by interning at the Toronto-based non-profit organization, TCM, planning support programs for underprivileged children in the city. Through her diverse experiences, Shin has cultivated a broad perspective on cybersecurity. She is committed to delivering accurate and insightful cybersecurity news to readers worldwide.