US sues Chinese men for hacks from security company

Spread the love

Three Chinese men have been charged in the US on suspicion of hacking US companies from a Chinese security firm. According to the indictment, the intent was espionage.

Two US government officials told Reuters news agency that the company, also known as Boyusec, has ties to the Chinese military and that almost all of its operations have been commissioned by the Chinese government. Still, the three men would not be prosecuted for conducting state hacking operations, but for other crimes.

The published indictment indicates that the men conducted their activities between 2011 and 2017, targeting companies such as Siemens and financial analyst firm Moody’s. According to the indictment, the men of the latter company monitored an e-mail from an economist and at Siemens it involved the theft of 407GB of data from the transport, technology and energy departments.

The Trimble company was also a target, because of its technology for an accurate GNSS system. The suspects would have entered the companies by using targeted phishing emails, and then installing so-called ups and exeproxy malware.

In 2015, the Chinese government and the US signed an agreement not to engage in espionage for economic purposes among themselves. A member of the US CNAS tells Ars Technica that the indictment may be a way to pressure China to comply with the agreements.

You might also like