The news dropped today that the Justice Department has announced an indictment that connects spies working for the Chinese government for a hacking campaign against U.S. tech companies and other industry organizations as well. The indictment, which was dealt Thursday, accuses China’s main intelligence agency, the Ministry of State Security, of hacking into multiple tech companies and government departments, with the purpose of stealing IP. Prosecutors said the hackers were part of a Beijing-backed group, dubbed APT10, which various security companies had previously linked to China.
Experts comments below:
Carl Wright, CCO at AttackIQ:
“The United States Justice Department’s indictments in China are a step in the right direction as the blatant theft of IP and other sensitive data is unacceptable. Despite these indictments, prosecutions are unlikely given that the hackers are Chinese residents and extraditions are a rarity. These charges will restrict the international travels of those named in the filing and will send a warning to those who have not been named, potentially deterring motivation for future attacks against the United States.
This hacking campaign from China is one of the most significant and widespread cyber intrusions against the United States and its allies to date—that is, that we know about. Seemingly random cyberattacks against companies and agencies in the U.S. and abroad could very well be connected to nation-state backed hackers. In 2019, politically-motivated cyber threats and how to defend against them will be a major point of debate.”
Jonathan Bensen, Interim CISO and Director of Product Management at Balbix:
“This indictment has effectively scrubbed the bilateral agreement between the United States and China in 2015 that called for a truce against hostile cyberattacks and espionage. We have seen Chinese hackers target aviation, space and satellite, manufacturing, pharmaceutical, oil and gas, communications, computer processor, and maritime technology companies in the United States. These hacks have even breached names, dates of birth, email addresses, salary information and Social Security numbers of more than 100,000 United States Navy personnel this year. Regardless of these indictments, we will likely see more nation-state backed cyberattacks come to light in 2019 around the globe.
This history of cyberattacks shows that entities as highly regulated as our nation’s tech and industry giants and our federal government are not immune to the dangers posed by the plethora of attacks that come from nation-state hackers. Every organization’s security teams must be absolutely clear about the relative value of each its IT assets and sets of information, and with that context prioritize its cybersecurity actions to proactively address the vulnerabilities that would put them at most risk. And do that before they become entry points for attackers.”