US accuses China of waging broad economic espionage campaign

The US Justice Department announced indictments accusing Chinese officials of coordinating a decadelong espionage campaign to steal intellectual property and other data from dozens of companies, adding to tensions amid the trade war between the two nations.

Two Chinese nationals, Zhu Hua and Zhang Shilong, were accused Thursday of coordinating with state security officials in an “extensive” hacking campaign, allegedly infiltrating 45 US companies and government agencies, as well as other firms in more than a dozen countries.

The indictments against the two, unsealed in federal court in Manhattan on Thursday, underscore one of the primary US grievances in the ongoing trade fight between the Trump administration and Beijing: the systematic theft of US intellectual property and forced technology transfers from companies doing business in China.


Those complaints are a central issue in ongoing negotiations between the United States and China, under a 90-day deadline President Trump and China’s President Xi Jinping set after agreeing Dec. 1 to halt additional tariffs and trade penalties. Since July, the two countries have imposed tariffs on a combined $360 billion in each other’s imports, a bruising conflict that threatens to undermine the global economy at a time when growth is leveling off.

The hackers, known in the cybersecurity community as Advanced Persistent Threat 10, stole information from companies in an array of industries, including banking and finance, telecommunications, biotechnology, automotive, health care and mining, according to the indictment.

The group hacked the US Navy, making off with the personal data of more than 100,000 personnel, and successfully infiltrated computers linked to NASA’s Jet Propulsion Laboratory, the indictment said.

Law enforcement officials stressed the threat Chinese hacking poses to the United States as they announced the charges.

“This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow international rules,” Deputy Attorney General Rod Rosenstein said in a statement.


The UK Foreign Office joined in pressing the accusations, issuing a statement alleging that a group known as APT 10 acted on behalf of Chinese government “to carry out a malicious cyber campaign targeting intellectual property and sensitive commercial data in Europe, Asia and the US.”

The defendants named in the US indictment worked for Huayhing Haitei Science and Technology Development Co. in Tianjin, China, and acted in coordination with the Chinese Ministry of State Security’s Tianjin State Security Bureau, according to court documents. Their group was also known as “Red Apollo,” “CVNX,” “Stone Panda,” and other names, according to the indictment.

The group used a technique known as spear phishing, in which e-mails are sent pretending to be from legitimate addresses to targets with attached documents and files that would secretly install malware if opened, according to the United States. That gives hackers access to the subject’s computer and allows them to steal user names and passwords, files and other information.

Zhu, Zhang and other hackers gained access to at least 90 computers belonging to commercial and defense technology companies and federal government agencies, in at least a dozen states — including NASA’s Goddard Space Flight Center in Greenbelt, Md., and Jet Propulsion Laboratory in Pasadena, Calif., the United States said.

Prosecutors said in court filings that while the group used similar tools and methods in all its campaigns, the hackers increasingly strengthened their ability to breach network defenses as part of a “continuous and unrelenting effort” to steal technology and other information.


Starting in 2014, members of the group attempted to access computers and networks of managed service providers, which remotely manage information technology for businesses and governments worldwide, in order to break into their clients’ systems and steal “intellectual property and confidential business data on a global scale.”

That campaign included the hack of one managed service provider with offices in New York that compromised the data of the provider and clients located in a dozen countries involved in industries including banking and finance, consumer electronics and oil and gas exploration, prosecutors said.

Treasury Secretary Steven Mnuchin, speaking Thursday on Fox Business Network, said the case was unrelated to ongoing trade negotiations with China, but that cyber-security has consistently been part of the talks.

The prospect of a deal has been clouded by the arrest in Canada of Huawei executive Meng Wanzhou, who the United States accuses of helping the telecom company evade sanctions against Iran.