China acting as a safe haven for its cyber criminals, says US

Jeffrey Rosen, deputy attorney-general, speaks during a news conference at the Department of Justice, Sept 16, 2020. PHOTO: BLOOMBERG
A Wanted poster is displayed at a Justice Department news conference on Sept 16, 2020. PHOTO: REUTERS

WASHINGTON - United States Justice Department officials on Wednesday (Sept 16) criticised Beijing for tolerating Chinese hackers and providing them a safe haven instead of bringing them to justice, as they unsealed indictments against five Chinese citizens and two Malaysians involved in a wide-ranging hacking campaign.

"The Chinese government has the power to help stop crimes like these," said Deputy Attorney General Jeffrey Rosen at a press conference.

"The Chinese Government has made a deliberate choice to allow its citizens to commit computer intrusions and attacks around the world because these actors will also help the PRC (People's Republic of China)," he added.

Prosecutors said that the five Chinese nationals hacked 100 companies in the US and other countries, including Singapore. Their targets included software development firms, social media companies, non-profit organisations, universities, think-tanks, and even pro-democracy politicians and activists in Hong Kong, said prosecutors.

Prominent electronic communications services and telecommunications providers in the US, Singapore and elsewhere were also compromised, they said. The victim companies were not named in court documents unsealed on Wednesday.

The hackers, who the prosecutors said are currently fugitives in China, also compromised government computer networks in India and Vietnam, and targeted but failed to breach government computer networks in Britain.

The two Malaysians were charged with conspiring with two of the Chinese hackers to profit from hacks targeting the video game industry in the US and abroad, by illegally obtaining or generating in-game resources and selling them in the black market through their website. The pair was arrested in Perak on Monday (Sept 14).

"The scope and sophistication of the crimes in these unsealed indictments is unprecedented. The alleged criminal scheme used actors in China and Malaysia to illegally hack, intrude and steal information from victims worldwide," said Mr Michael Sherwin, the acting US Attorney for the District of Columbia where the charges were filed.

While the Justice Department did not say that Beijing was behind the hackers, it noted that one of the Chinese defendants claimed he was "very close" to China's Ministry of State Security and would be protected "unless something very big happens."

When asked about the indictments on Thursday, China said it was a staunch defender of cyber security and has always cracked down on all forms of cyber attacks and cyber crimes in accordance with the law.

"Regrettably, the US has long used cybersecurity issues as a tool for stigmatisation, political manipulation and spreading falsehoods and information," China's foreign ministry spokesman Wang Wenbin said at a regular briefing in Beijing.

"We urge the United States to treat cybersecurity issues in an objective and rational manner, and jointly respond to the challenges of hacker attacks through dialogue and cooperation on the basis of mutual respect," he said.

The Trump administration has brought several cases against Chinese hackers in recent months, accusing the Chinese government of sponsoring espionage and hacking attempts to steal American intellectual property and undermine its national security.

Pointing to the Chinese government's lack of action in previous US hacking cases, Mr Rosen said that Beijing showed a pattern of tolerating criminal activity by hackers who were willing to work on behalf of the Chinese intelligence services.

"Unfortunately, the record of recent years tells us that the Chinese Communist Party has a demonstrated history of...making China safe for their own cyber criminals, so long as they help with its goals of stealing intellectual property and stifling freedom," said Mr Rosen.

Some defendants felt they could hack with impunity as long as they did not target domestic Chinese companies, prosecutors noted. Said

Mr Rosen: "Some of these criminal actors believed their association with the PRC provided them free licence to hack and steal across the globe."

The sprawling hacking campaign was the work of a group called Advanced Persistent Threat (APT)-41, which carries out both espionage and for-profit hacking, said the Justice Department.

In a report, Cybersecurity firm FireEye called APT-41 "a prolific cyber threat group" with two focuses: Chinese state-sponsored espionage, and cyber crime activities targeting the video game industry for personal financial gain.

The first indictment, handed down in August last year (2019), charged Chinese nationals Zhang Haoran, 35, and Tan Dailin, 35, with 25 counts of conspiracy, wire fraud, aggravated identity theft, money laundering, and other computer fraud.

Zhang and Tan would also illegally access video game company computer networks to fraudulently generate digital items of value, including in-game currency and other goodies, and sell them for a profit, they added.

They would also take action against other unrelated groups that also fraudulently generate gaming items, attempting to eliminate their competitors.

Another indictment last month charged three more Chinese nationals - Jiang Lizhi, 35, Qian Chuan, 39, and Fu Qiang, 37 - with nine counts of racketeering, fraud, identity theft and money laundering.

They held top positions at Chengdu404, a Chinese company headquartered in China's Sichuan province, where they would attack supply chains, a technique that involved gaining access to software companies and modifying their software code in order to further hack customers of the software providers, said prosecutors.

All five were not known to have ever resided in the US, according to court documents.

The last indictment, also from last month, charged Malaysian businessmen Wong Ong Hua, 46, and Ling Yang Ching, 32, both Malaysian nationals and residents, with 23 counts of racketeering, conspiracy, and other fraud.

Wong was the founder and chief executive of Sea Gamer Mall, a Malaysian company which sold video game goods and services, including currency and other digital items, while Ling was its chief product officer.

The duo allegedly worked with other computer hackers, including Zhang and Tan, to illegally obtain these in-game goods by hacking, stealing identities and money laundering, said prosecutors.

Their victims included video game companies in the US, France, South Korea, Japan, and Singapore, they added.

Join ST's Telegram channel and get the latest breaking news delivered to you.