The US and UK have taken the unprecedented step of accusing hackers associated to the Chinese government of waging a sustained cyber-campaign. Th was focused on large-scale theft of commercial intellectual property.
A US indictment unsealed on Thursday in unison with a series of British statements accused Chinese hackers of obtaining unauthorised access to the computers of at least 45 entities, including commercial and defence technology companies and US government agencies such as Nasa and the US navy.
The UK Foreign Office and the US indictment allege that a group of non-state employees was operating under the instruction of China’s main intelligence agency, the ministry of state security. The group was organised more like a corporation than a gang, a UK government official said.
The FBI director, Christopher Wray, said at a news conference that “China’s goal, simply put, is to replace the US as the world’s leading superpower and they’re using illegal methods to get there,”. The companies targeted by China were a “who’s who” of American businesses, he added.
On Friday, China’s foreign ministry said it resolutely opposed “slanderous” accusations from the US and other allies and urged Washington to withdraw its accusations. Beijing said it had lodged “stern representations” with Washington.
“We urge the US side to immediately correct its erroneous actions and cease its slanderous smears relating to internet security”.
The issue has been raised privately at the highest levels with China for the best part of two years, including by Theresa May, British officials said. But the hacking had not stopped, which was why the Chinese were being challenged in public, they added.
In the unsealed US indictment, prosecutors accuse Zhu Hua and Zhang Shilong of acting on behalf of China’s ministry of state security to spy on some of the world’s largest companies by hacking into technology firms to which they outsource email, storage and other computing tasks.
Court papers filed in Manhattan federal court saying the victims were in a variety of industries from aviation and space to pharmaceutical technology. Prosecutors claim the hackers were able to steal “hundreds of gigabytes” of data.
The UK foreign secretary, Jeremy Hunt, said: “This campaign is one of the most significant and widespread cyber-intrusions against UK and allies uncovered to date, targeting trade secrets and economies around the world … These activities must stop.”
Britain said it was taking no immediate punitive action but would lead a government-guided review of major companies’ security in the new year to better protect them.
New Zealand’s spy agency confirmed on Friday that it had established links between the Chinese ministry of state security and a global campaign of cyber-enabled commercial intellectual property theft, first becoming aware of the activity in early 2017.
Director-general of the GCSB Andrew Hampton said: “This long-running campaign targeted the intellectual property and commercial data of a number of global managed service providers, some operating in New Zealand”.
Hampton said the National Cyber Security Centre issued advice to New Zealand organizations on how to protect their networks. Around a third of the serious incidents recorded by the NCSC could be linked to state-sponsored actors, Hampton said.
Over the past few years, as companies around the globe have sought to cut down information technology spending, they have increasingly relied on outside contractors to store and transfer their data.
When a managed service provider is hacked, it can unintentionally provide attackers access to secondary victims who are customers of that company and have their computer systems connected to them, according to experts.