The Justice Department in the United States has charged twelve Chinese nationals, including mercenary hackers, law enforcement officers, and employees of a private hacking company, in connection with global cybercrime campaigns targeting dissidents, news organizations, U.S. agencies, and universities. These individuals are accused of participating in hacking operations aimed at suppressing speech, locating dissidents, and stealing data from victims around the world.
One of the indictments focuses on eight leaders and employees of a private hacking company named I-Soon, which was founded in Shanghai in 2010. Wu Haibo, the founder of I-Soon, is alleged to have overseen and directed hacking operations targeting various governments and organizations. The company charged the Chinese government fees ranging from $10,000 to $75,000 for each email inbox successfully hacked.
The indictment revealed that I-Soon’s activities extended to targeting Chinese dissidents, religious organizations, and media outlets based in the U.S. Additionally, individual critics of China living in the U.S., the Defense Intelligence Agency, and a research university were among the victims of the hacking campaigns. Some of the targets were directed by China’s Ministry of Public Security, while others were pursued independently by the hackers, who then attempted to sell the stolen information to the government.
In a separate case, two other Chinese hackers, Yin Kecheng and Zhou Shuai, were charged with conducting a for-profit hacking campaign targeting U.S. technology companies, think tanks, defense contractors, and health care systems. The U.S. Treasury Department, which disclosed a breach by Chinese actors last year, was also among the targets of these hackers.
The U.S. government has raised concerns about the sophisticated cyber threat posed by China, with incidents such as the Salt Typhoon hack last year, which gave Chinese authorities access to private texts and phone conversations of Americans, including government officials and public figures. The indictments shed light on the extent of China’s involvement in cyber espionage and its use of private companies and contractors to carry out hacking operations.
Despite the charges, the Chinese Embassy in Washington has dismissed the allegations as a “smear” and called for evidence-based assessments of cyber incidents. The Treasury Department has imposed sanctions in connection with the hacking campaign, and the State Department has offered a reward for information leading to the arrest of the indicted hackers.
The emergence of private hacking contractors in China, like I-Soon, is a concerning development that has been documented in previous investigations. These companies play a significant role in gathering intelligence for Chinese state security forces, contributing to a vast network of cyber espionage activities outside China. As the demand for overseas intelligence continues to rise, the role of these private hackers-for-hire companies in China’s cyber operations is likely to draw further scrutiny.
In conclusion, the charges filed against the Chinese nationals involved in cybercrime activities highlight the ongoing challenges posed by state-sponsored hacking and cyber espionage. The global community must remain vigilant in countering such threats and strengthening cybersecurity measures to protect sensitive information and safeguard against malicious cyber activities.