The US Treasury Department imposed sanctions on a Chinese company on Monday, accusing it of being a front company for “dangerous and irresponsible” state-sponsored hacking.
The announcement came on top of seven Justice Department indictments charging seven men associated with that company, Wuhan Xiaoruizhi Science and Technology Company Ltd. (Wuhan XRZ), who were accused of “malicious cyber operations.”
The Wuhan
While the presence of this software — hidden in critical U.S. infrastructure — has not yet resulted in an offensive cyberattack, intelligence officials believe Beijing installed the malicious code in an attempt to thwart U.S. efforts to defend Taiwan.
This afternoon, the U.S. State Department, which worked with the FBI and Department of Justice on the hacking investigation, announced a $10 million reward ‘for information about the group and the defendants’ as part of the Rewards for Justice programme.
The U.S. Treasury Department imposed sanctions on a Chinese company on Monday, and the Justice Department charged seven of the suspected hackers, accusing the company of being a front company for “dangerous and irresponsible” state-sponsored cyber warfare.
Above, photos from the DOJ indictment: (from top left to right), Ni Gaobin, Weng Ming, Cheng Feng, (from bottom left to right), Peng Yaowen, Sun Xiaohui, Xiong Wang, Zhao Guangzong
In recent years, Biden administration officials and federal law enforcement officials, including FBI Director Christopher Wray, have devoted significant resources to pursuing a Chinese government covert operation they have dubbed “Volt Typhoon.”
The name describes a reported Chinese hacking network that researchers say has burrowed into more than 20 key nodes of U.S. infrastructure over the past year.
Their successful targets, according to government officials who spoke anonymously to the Washington Post, include a water company in Hawaii, a major port on the West Coast and at least one oil and gas pipeline.
China’s cyber attacks have grown to a “greater scale than we’ve ever seen before,” FBI Director Christopher Wray warned this year, amid fears that U.S. infrastructure is under threat.
Today’s seven indicted and accused hackers linked to Wuhan
The seven accused APT31 hackers, Ni Gaobin, 38; Weng Ming, 37; Cheng Feng, 34; Peng Yaowen, 38; Sun Xiaohui, 38; Xiong Wang, 35, and Zhao Guangzong, 38, allegedly targeted U.S. government officials in addition to public infrastructure.
DOJ officials said the group used “sophisticated” means to also hack economic and defense companies, hiding code in more than 10,000 so-called “phishing” emails.
According to the FBI and DOJ, APT31 has targeted these companies, government and political officials, candidates and campaign staff for the past fourteen years.
The Director of National Intelligence warned in February 2023 that China is already “almost certainly capable” of carrying out cyberattacks to take out oil and gas pipelines and rail systems.
Analysts believe the Chinese military has changed its strategy from intelligence gathering to infiltration in an effort to sow chaos should war break out.
“The Department of Justice will not tolerate the Chinese government’s efforts to intimidate Americans who serve the public, silence dissidents protected by U.S. laws, or steal from U.S. companies,” Attorney General Merrick Garland said in a statement.
“This case is a reminder of the purposes to which the Chinese government is willing to attack and intimidate its critics, including launching malicious cyber operations aimed at threatening the national security of the United States.”
The tandem sanctions issued by the US Treasury Department were part of an international effort with partners in Britain to crack down on Chinese hacking of nuclear services.
Treasury Department officials described the work of malicious, state-sponsored cyber actors as “one of the largest and most persistent threats to U.S. national security.”
Although the malicious code hidden in critical U.S. infrastructure has not yet led to a cyberattack, U.S. intelligence officials believe Beijing planted it to thwart U.S. efforts to defend Taiwan. Above, a still from an animated video shared by the Chinese military in the spring of 2023 simulating how it would launch an all-out attack on Taiwan
According to Treasury Department investigators, alleged APT31 hackers linked to Wuhan Studies Institute of the US Naval War College.
According to court filings, the operation suggestively followed public comments from a U.S. State Department official in 2020, who described Chinese military actions near Taiwan in the South China Sea as “completely unlawful.”
In another example, the hackers are accused of targeting the Norwegian government after the Scandinavian country awarded its famous Nobel Peace Prize to Hong Kong democracy movement activists.
A series of US intelligence reports argue that Chinese military strategists hope to force the US to focus on its own disaster management by focusing US military and logistics on electricity, food and water, rather than helping Taiwan in case of a Chinese attempt to reclaim the island nation.
Taiwan’s independence and its past as part of China have been a point of tension between the United States and the Asian superpower since the start of the Cold War in the years after World War II.