The US announcement of indictments against a group of alleged Chinese hackers has sparked controversy and concern over a widespread spy campaign that has been ongoing for years. The US government has revealed that it has sanctioned a Chinese tech company and even offered a generous bounty of US$10 million in connection with this elaborate cyber espionage operation, which has targeted victims both in America and globally.
According to federal officials, a total of 10 individuals have been accused of working together to steal valuable data from various targets. Among the suspects, eight individuals were found to be employed by a company known as Anxun Information Technology, commonly referred to as i-Soon, while the remaining two were affiliated with the Chinese Ministry of Public Security. An indictment filed against i-Soon characterized the company as a significant player in what is described as the People’s Republic of China’s hacker-for-hire ecosystem.
The indictment further revealed that the targets of this cyber espionage campaign included prominent entities such as the US Defense Intelligence Agency, the US Department of Commerce, as well as the foreign ministries of Taiwan, South Korea, India, and Indonesia. Additionally, news organizations critical of China and even the New York State Assembly were identified as victims of these hacking activities. Shockingly, even religious figures and organizations were not spared, with hackers infiltrating an unnamed “large religious organization in the United States,” as disclosed in the indictment and a separate statement issued by the Manhattan District Attorney’s office.
The indictment goes on to detail how i-Soon allegedly charged Chinese intelligence agencies anywhere from US$10,000 to US$75,000 for each email inbox that it successfully hacked, with additional fees for the analysis of the compromised data. Furthermore, the US Treasury Department announced sanctions against a Shanghai-based company, along with its founder, over claims of illicitly obtaining and selling data from highly sensitive US critical infrastructure networks. The sanctioned parties were identified as the Shanghai Heiying Information Technology Company and its owner, Zhou Shuai, with allegations of selling unlawfully exfiltrated data and providing access to compromised computer networks.
It was revealed that some of the stolen data ended up in the hands of a previously sanctioned Chinese hacker named Yin Kecheng, who had been implicated in the theft of data from the US Treasury. Both Zhou and Yin were also indicted in connection with these cybercrimes, adding to the complexity and severity of the situation.
The implications of these indictments and sanctions are vast, signaling a growing concern over the extent of cyber espionage orchestrated by state-sponsored actors and their affiliates. The US government’s actions serve as a stern warning to those involved in such activities, emphasizing the repercussions of engaging in malicious cyber operations that threaten the security and privacy of individuals and institutions. As technology continues to evolve, efforts to combat cyber threats and hold perpetrators accountable remain a top priority for governments worldwide.