US officials have charged 12 Chinese nationals, including public security officials, with masterminding massive cybercrime campaigns against American government institutions at the behest of Beijing. The US Justice Department says this decade-long effort was organized at the behest of Chinese police and intelligence agencies.
This is among what American officials describe as a thriving hacking-for-hire industry in China, where government agencies contract out private firms to hack into designated individuals and organizations of interest.
Accounts have it that the accused persons not only conducted hacking operations but also sold on the information obtained to other Chinese agencies, such as the Ministry of Public Security (MPS).
We’re exposing Chinese government officials behind and sponsoring senseless and wanton attacks on computers and networks worldwide today,” said Sue Bai, head of the US Justice Department’s national security division. She emphasized the role of facilitating companies and lone hackers in the acts.
The suspects were reportedly linked to a Chinese firm named i-Soon, which has generated billions of dollars in revenue, painting the vastness of its hacker-for-hire operations. The company allegedly conducted individual hacking missions and sold accessed data to Chinese authorities, whose prices varied from $10,000 to $75,000 per hacked email account.
FBI cyber division assistant director Bryan Vorndran commented, “The Chinese Ministry of Public Security has been compensating hackers to cause digital damage to Americans who speak out against the Chinese Communist Party.”
An earlier Associated Press report had mentioned that i-Soon had targeted governments of India, Taiwan, and Mongolia, with comparatively less effort being expended on the US. However, the recent indictments penned in Washington and New York point towards a larger scope of its operations, involving the hacking of Chinese dissidents, religious organizations, and media in the US also.
Chinese authorities dismissed such allegations as a “smear.” Chinese Embassy in Washington in a release stated it wished relevant parties could have a responsible attitude and form judgments on cyber incidents based on facts rather than hearsay.
Since the company’s files leaked out a year ago, i-Soon has been limping along but still in business, Chinese corporate records indicate. i-Soon reduced and relocated its headquarters, sources indicate.
Mei Danowski, a security expert, stated that companies like i-Soon are just hanging by a thread. “To Chinese state agencies, a company like i-Soon is disposable,” she added, highlighting the precarious position of such companies in this climate.
