At least two members of the hacker group have wanted to expose US investigators: Zhu Hua and Zhang Shilong, who reportedly worked for a company affiliated with the Chinese Ministry of Domestic Security. The two suspects are said to be in China – out of reach of the US authorities.
The FBI is waiting for his chance
However, as the Hong Kong newspaper „South China Morning Post“ reports, they should be closely watched by the FBI. The US Federal Police are just waiting for them to leave the country to get hold of them, according to the report.
China’s elite hackers are said to operate from a base in Tianjin, some 130 kilometers southeast of the capital, Beijing. Zhu and Zhang are said to have been engaged in camouflage at an e-commerce company called Huaying Haitai Science and Technology Development Co.
Discovered in 2009, but probably active since 2006
However, it is unlikely that the hacker group consists of only two men. It was discovered in 2009 by Californian cyber security company FireEye. The hackers are supposed to tap industrial secrets on a large scale since 2006 – according to the FBI’s „Who’s Who of the World Economy“.
In the course of their 12-year and thus unusually long campaign, the hackers are said to have made it into the networks of 45 US companies and organizations. The victims came mainly from the aerospace, telecommunications and computer science, shipping, the oil, gas and pharmaceutical industries. Among the most prominent victims include the space agency NASA and the US Department of Energy.
Allegedly tapped large US IT companies
Since at least 2014, hackers are also looking to gain access to several IT service providers who manage their networks for businesses and governments around the world. Which IT service providers the Chinese have infiltrated, was not officially named. However, several sources cite Hewlett Packard Enterprise and IBM as victims, according to a report from Reuters news agency.
Through these two providers, hackers have since 2014 tapped a variety of companies and authorities in Brazil, Britain, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, the United Arab Emirates and the United States. Apart from that, secret information from the areas of finance, telecommunications, consumer electronics, manufacturing, medicine, biotechnology, mining and the automotive and mining industries was also found here.
Link to the government undetectable
Western IT security researchers have clearly associated „APT10“ with the Chinese government. „We believe that these targets have been attacked to achieve national Chinese security goals by stealing valuable military and intelligence information and using economic data to strengthen Chinese companies,“ FireEye writes of „APT10.“
In fact, this goal would not be unusual: many countries are hacking armies, most notably the US with its „Office of Tailored Access Operations“ („TAO“). China was just as victim as the allied Germany. In fact, some states have only begun to increase their capacities after feeling threatened. Richard Werner from Japan’s IT security provider Trend Micro on krone.at: „States that are afraid of America or Russia are getting ready with offensive cyber capabilities. Iran, for example, has immediately started to equip itself after the Stuxnet attack on its 2010 nuclear program. “
China itself rejects any connection to „APT10“
Nevertheless, the accusation that the realization of the „Chinese dream“ of wealth and power is based on dishonest methods such as industrial espionage has always been rejected by the Chinese. The allegations from the US are slanderous, said the Foreign Ministry in Beijing. The US must also take back its charges against Zhu and Zhang. The People’s Republic will take all necessary steps to protect its interests.
Nor should it be forgotten that it has long been an open secret that US government agencies would spy on foreign governments, businesses and individuals. The dispute is likely to further burden the already tense relations between the US and China because of the trade conflict. And under the surface will probably continue to hack …
