Three Chinese based hackers have been charged by a Unites States court with hacking into companies and stealing sensitive information from them.
The hackers were said to have been working with a Chinese cybersecurity firm by the name Guangzhou Bo Yu Information Technology Company Ltd. The three hackers were identified as Wu Yingzhuo, Dong Hao and Xia Lei.
They were charged in a Pennsylvania federal court with launching coordinated cyberattacks from 2011 to 2017 targeting different companies, including financial market research firm Moody’s Analytics, industrial manufacturing company Siemens and general positioning service maker Trimble.
The hackers are purported to have stolen vital information in large quantities which might have compromised the affected companies’ business operations. All this is said to be state-sponsored by the Republic of China.
The hacking comes at a time when the Republic of China and the U.S. government signed an agreement to stop any form of hacking directed to either country. According to the recent findings, China is not adhering to the deal in all terms.
According to research by different cybersecurity firms, state-sponsored hackers from China are expanding in their activities. This has been concluded after the same group of hackers continued directing their malicious cyberattacks using similar codes and methods of propagation.
According to the prosecutor from the federal courts in Pittsburgh, Pennsylvania, the China-based hackers have been in their business for some time. They have brought down many websites belonging to different international companies and other organizations.
The group of Chinese hackers who allegedly worked with Guangzhou Bo Yu Information Technology Company are profoundly linked to the Chinese People’s Liberation Army unit 61398. This makes their activities highly affiliated to state-sponsored hacking.
The Chinese government has vehemently denied any form of hacking activities associated with the nation. Geng Shuang, a spokesman for China’s foreign minister, made a statement that China has opposed hackings directed to any sovereign country and its organizations.
The hackers used a rare method to reach and compromise the company’s networks. It was through spear phishing emails that the hackers lured employees from the affected companies to open attachments with links that directed their computer networks to the malicious software.
On being able to access the companies’ networks, the hackers would search all available confidential documents and data. This came after the employees opened the malicious emails that propagated into their systems, infecting almost all the computer networks.
The group of hackers have been active for quite an extended period of time. Their activities, too, have been felt worldwide from their home country. Due to the complicated nature of their hacking activities, tracking them and relating their attacks to the government has been a challenging undertaking.
Among the three suspects, Xia Lei is alleged to have compromised the emails of Moody’s Analytics without the company’s knowledge. The hacker allegedly tampered with the email system to forward all emails to another account that he did have full access to.
The alleged hacker has been reading all the confidential emails for such a long time that he has with him all the information about the company. Moody Analytics provides solutions to financial risk firms all over the world. Having its document and data compromised by the likely competitors would cause a significant loss on their side regarding many factors of the business.
The other company that was alleged to have been hacked by the Chinese hackers was Siemens. It was back 2014 when one of the three accused hackers by the name Dong Hao compromised a large volume of data from the company.
It is alleged that the hacker was able to access the company’s network via one of the employee’s credentials. The hacker is accused of stealing volumes of data of about 407 gigabytes that contained information regarding Siemens’ energy, technology and transportation businesses.
Compromising such vital information about the company is seen as a big blow to their business. This is as a result of the level of competition with other similar telecommunication service companies around the globe.
It is alleged that the hackers gave the information to the Chinese government, which is venturing into these businesses. Thus, the relevant stolen information would help them have a cutting edge in the market.
Siemens officials have publically stated that the data breach does not have any meaningful effect on their business.
The third company which was affected by the series of China-affiliated cyberattacks was Trimble. Wu Yingzhuo is alleged to have stolen secret information regarding the global navigation satellite between 2015 and 2016.
It is also alleged that the information stolen from Trimble’s network system was used by competitors to develop similar services. This would give them a better economic stand as the competitors would not incur their resources in research.
According to court documents, United States federal prosecutors have charged the three Chinese hackers with conspiracy to carry out computer fraud and abuse as well as trade secret thefts, along with wire fraud and aggravated identity theft.
All the three companies which were affected by the malicious acts from the hackers are working closely with the Federal Bureau of Investigation to further investigate the attacks.
At this time, the Chinese government has refuted the allegations of being involved with any hackings. Officials are also cited as saying they strongly oppose any form of cyberattack, condemning the hackers who are purported to be state-sponsored.
All the public has to do now is wait for investigators to give a precise, detailed account about whether the three Chinese hackers are in fact state-sponsored.
Latest posts by Steve (see all)
- Darknet Buyer Arrested After Posting Selfie & Signature Linked to Weapons Deal - July 25, 2018
- Israeli Security Programmer Arrested for Breach Attempt - July 24, 2018
- Darknet Hacker Who Breached 100+ Companies Is Jailed for 10 Years - June 15, 2018