DOJ indicts three Chinese nationals over hacks on Siemens, Moody's, and Trimble

"Defendants Wu, Dong and Xia launched coordinated and targeted cyber intrusions against businesses operating in the United States, including here in the Western District of Pennsylvania, in order to steal confidential business information", said Acting US Attorney Soo C Song for the Western District of Pennsylvania.

According to the indictment, the hackers sent spearphishing emails-highly targeted email attacks created to compromise an individual or individuals in order to hijack their accounts-to users around the world, including at the three compromised companies.

The federal indictment, unsealed in Pittsburgh, Pennsylvania, names them as Wu Yingzhuo, Dong Hao and Xia Lei and says they run a cyber security services firm in the southern Chinese city of Guangzhou.

The spearphishing emails contained links to sites that hosted malicious software that, when downloaded, would provide the attackers with unauthorized access to a victim's computer. The US charged five Chinese military officers in 2014 with hacking US companies such as Westinghouse, SolarWorld, Allegheny Technologies Inc.

More news: Sony Japan is shutting down its Demon's Souls online services
More news: Sunny Leone takes revenge on man who threw a snake on her
More news: BJP releases final batch of names for Gujarat; Anandiben dropped

Information on a huge number of USA workers employed in sensitive or secret work was stolen in that data breach. The hackers were able to extract confidential documents and proprietary information from the company related to a new global navigation satellite system that it was developing at the time.

Earlier this year the threat intelligence firm Record Future - which is supported by the US Central Intelligence Agency - said Boyusec works "on behalf of the Chinese Ministry of State Security" and is behind hacking attacks known as APT3. The rule directed all emails to and from the employee's account to be forwarded to web-based email accounts controlled by the conspirators.

The indictment refers to activities of a Chinese hacking group known as "Gothic Panda" with advanced technical capabilities has been active since 2007, said Adam Meyers, a researcher with cyber firm CrowdStrike. Researchers at security firm Symantec concluded previous year that the actions APT3 were consistent of those of a state-sponsored actor.

All three are residents of Guangzhou, China.

Related Articles