China has stolen masses of secrets, according to the US government, in large-scale hacker attacks on the United States and its allies around the world.
Authorities and companies from various industries in at least twelve countries, including Germany, have been affected, said Deputy US Attorney General Rod Rosenstein on Thursday in Washington.
For example, hackers on behalf of Beijing managed to gain access to at least 45 US agencies and large technology companies. Hundreds of gigabytes of sensitive data had been stolen. The attacks were over years, probably in the period between 2006 and 2018. The hackers had placed malicious software and fished data.
In order not to be discovered, the hackers had installed malware that looked like legal software. For example, they had remote access to computers from China and, for example, had access data. Then they would have – apparently legally – with real access data further typed, have walked through the computer infrastructure of entire companies and could thus gain access to other companies.
The US Department of Justice has filed charges against two Chinese, Zhu Hua and Zhang Shilong. Both were under cover names on the way in the net – including names such as «Godkiller», «Stone Panda» or «Red Apollo». Both are members of a group of hackers who are known in the scene as APT10 (Advanced Persistent Threat 10 / „Advanced Durable Threat 10“). They worked for a company that works with the Chinese Ministry of State Security.
„The prosecution alleges that the defendants were part of a group that hacked computers in at least a dozen countries and gave China’s intelligence services access to sensitive corporate information,“ Rosenstein said. „This is nothing but fraud and theft, and it gives China an unfair advantage at the expense of law-abiding companies and of countries that comply with international rules in return for being allowed to participate in the international trading system.“
US companies spent years researching, while China stole it, said Rosenstein.
The attacks affected companies in a wide range of industries, including auto parts suppliers, laboratory instrument manufacturers, the banking and financial sectors, and telecommunications, information technology, medical equipment, biotechnology, pharmaceuticals, mining, oil and gas exploration, aerospace and space exploration companies.
