The United States accuses a dozen hackers and Chinese officials to implement a broad cybercrime campaign. The group has open criminal causes in Washington and New York.
Twelve Chinese citizens, including mercenary hackers, agents of the forces of the order and employees of a private company of computer piracy, have been accused in relation to world campaigns of cybercrime directed against dissidents, news organizations, US agencies and universities, the Department of Justice announced Wednesday.
A series of open criminal causes in New York and Washington add new details to what, according to US officials, it is a flourishing ecosystem of hackers on request in China, in which the Chinese government pays private companies and contractors to attack victims of special interest for Beijing, in an agreement destined to provide the Chinese State security forces a cover and the possibility of denying their responsibility.
The accusations occur at a time when the United States government has warned about an increasingly sophisticated cyber threat from China, including a hacking last year to telecommunications companies called Salt Typhoon that gave Beijing access to private text messages and telephone conversations of an unknown number of Americans, including officials of the United States government and prominent public figures.
One of the accusations imputes eight leaders and employees of a private hacker company known as I-Soon for carrying out a wide range of computer violations worldwide aimed at suppressing freedom of expression, locating dissidents and stealing data from victims. Among the defendants are Wu Haibo, who founded I-Soon in Shanghai in 2010 and was a member of the first Hackivist group of China, the Green Army, and is accused of the demand to supervise and direct hacking operations.
Previous reports of the AP on filtered documents of I-OON showed mainly that I-Soon was attacking a wide range of governments such as India, Taiwan or Mongolia, but little about the United States.
However, the accusation contains new revelations about I-SOON activities aimed at a wide range of Chinese dissidents, religious organizations and the media based in the United States, including a newspaper identified as a news publisher related to China and opposite to the Chinese Communist Party. Other objectives were critical people with China resident in the United States, the Defense Intelligence Agency and a research university.
The planned objectives were in some cases led by the Ministry of Public Security of China – two officials were also accused of assigning certain tasks – but on other occasions the hackers acted for their own initiative and tried to sell the stolen information to the government later, says the accusation.
The company charged the Chinese government the equivalent of between 10,000 and 75,000 dollars for each email mailbox that managed to hack, according to the officials.
The telephone numbers listed for I-OSON in a Chinese corporate registry sounded unanswered, and I-Soon representatives have not yet responded to an email from the AP requesting comments.
A spokesman for the China Embassy in Washington, Liu Pengyu, suggested on Wednesday that the accusations were a “defamation” and said: “We hope that the relevant parties adopt a professional and responsible attitude and base their characterization of cyber incidents in sufficient tests instead of infused speculation and accusations.”
A separate accusation imputes two other Chinese hackers, identified as Yin Kecheng and Zhou Shuai, in a forklift campaign that aimed victims, including technological companies in the United States, groups of experts, defense contractors and health systems. Among the objectives was the United States Department of the Treasury, which disseminated a violation by Chinese actors at the end of last year in what it called an “important cybersecurity incident”, and that was among the objectives of the accused hackers.
The Treasury Department announced sanctions on Wednesday in relation to that case, and the State Department announced a reward of up to 2 million dollars for information that leads to the arrest of both men.
I-OSON is part of a vast industry in China, documented in an investigation by The Associated Press last year, of private hacking contractors that are companies that steal data from other countries to sell them to the Chinese authorities.
In the last two decades, the demand for intelligence abroad by Chinese state security has increased, giving rise to a vast network of these hacker companies on request that have infiltrated hundreds of systems outside China.