SAN DIEGO COUNTY, Calif. — Four Chinese nationals have been charged in a global hacking campaign aimed at dozens of companies, universities and government agencies in the U.S. -- including San Diego and abroad -- between 2011 and 2018.
On Monday, San Diego's U.S. Attorney's Office and the FBI said the four nationals were working with the Chinese government to steal sensitive information including intellectual property and confidential business information.
The Department of Justice (DOJ) said the cyber theft was of “significant economic benefit to China’s companies and commercial sectors.”
"The cyber attacks alleged in the indictment contradict commitments that China's government has made to the United States and other nations. These include the unambiguous 2015 understanding with the U.S. and other countries not to conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information," the DOJ said.
On May 28, 2021, a federal grand jury in the United States District Court for the Southern District of California returned an indictment against four People’s Republic of China (PRC) citizens for their alleged roles in a long running campaign of computer network operations targeting trade secrets, intellectual property, and other high value information from companies, universities, research institutes, and governmental entities in the United States and abroad, as well as multiple foreign governments.
The indictment alleges that Zhu Yunmin, Wu Shurong, Ding Xiaoyang, and Cheng Qingmin targeted the following sectors: aerospace/aviation, biomedical, defense industrial base, healthcare, manufacturing, maritime, research institutes, transportation (rail and shipping), and virus research from 2012 to 2018, on behalf of the PRC Ministry of State Security. Additionally, the indictment alleges the use of front companies by the PRC Ministry of State Security to conduct cyber espionage.
The theft also included technological information regarding autonomous vehicles, commercial aircraft servicing and high speed railway development.
“The FBI’s San Diego field office is committed to protecting the people of the United States and the community of San Diego, to include our universities, health care systems, research institutes, and defense contractors,” said Special Agent in Charge Suzanne Turner of the FBI’s San Diego Field Office. “The charges outlined today demonstrate China’s continued, persistent computer intrusion efforts, which will not be tolerated here or abroad. We stand steadfast with our law enforcement partners in the United States and around the world and will continue to hold accountable those who commit economic espionage and theft of intellectual property.”
The defendants’ activity had been previously identified by private sector security researchers, who have referred to the group as Advanced Persistent Threat (APT) 40. The defendants are each charged with one count of conspiracy to commit computer fraud, which carries a maximum sentence of five years in prison, and one count of conspiracy to commit economic espionage, which carries a maximum sentence of 15 years in prison.
The conspiracy’s hacking campaign targeted victims in the United States, Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, and the United Kingdom.
If you have any information concerning these individuals, please contact your local FBI office, or the nearest American Embassy or Consulate.
WATCH RELATED: Tips to keep your company safe from cyberattacks (July 2021)