The two-count indictment, which was returned in May and kept under seal until now, charges Ding Xiaoyang, Cheng Qingmin, and Zhu Yunmin were officers with the Hainan State Security Department, a provincial branch of China’s Ministry of State Security, or MSS.
A fourth charged individual, Wu Shurong, was charged as a computer hacker who created malware and hacked into computers run by foreign governments, companies and universities, and supervised other hackers engaged in such work. The indictment charges that hacking stretched from 2011 to 2018, targeting entities in the U.S., Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, and Britain.
The indictment was unsealed on the same day the U.S., European Union, and NATO accused the Chinese government of a wide range of malicious cyber activities, blaming the MSS for a sophisticated attack on Microsoft’s widely used mail server earlier this year — the first time NATO has called out Beijing’s cyber activities following the Biden administration’s pledge last month to rally U.S. allies against malign Chinese behavior. U.S. officials said the number of nations involved in Monday’s criticism represents the largest condemnation to date of China’s cyber aggressions.
In a statement, Deputy Attorney General Lisa Monaco said the new indictment highlights “that China continues to use cyber-enabled attacks to steal what other countries make, in flagrant disregard of its bilateral and multilateral commitments.”
The hackers allegedly targeted a wide range of commercial and scientific activity, including research related to Ebola, HIV, and MERS. The indictment charges the MSS coordinated the hacking closely with professors at a number of Chinese universities, and that those universities helped identify and recruit hackers and translators for the effort. One university helped support and manage a front company used to further the hacking work, the indictment said.
U.S. officials have long complained about what they call China’s aggressive hacking of foreign firms for the benefit of China’s economy. The indictment unsealed Monday represents the latest salvo in an effort to name and shame the individuals involved in such work — an approach that began during the Obama administration.
“The FBI, alongside our federal and international partners, remains committed to imposing risk and consequences on these malicious cyber actors here in the U.S. and abroad,” said FBI Deputy Director Paul M. Abbate in a statement. “We will not allow the Chinese government to continue to use these tactics to obtain unfair economic advantage for its companies and commercial sectors through criminal intrusion and theft.”