The Justice Department, in coordination with the FBI, Naval Criminal Investigative Service, and the Departments of State and Treasury, has unveiled charges against 12 Chinese nationals accused of engaging in widespread cyber intrusions targeting critics of the Chinese Communist Party (CCP), foreign governments, and U.S. institutions. Among the accused are two officers from China’s Ministry of Public Security (MPS) and employees of Anxun Information Technology Co. Ltd., also known as i-Soon, a Chinese cyber-mercenary firm linked to state-sponsored hacking.
According to officials, the hacking campaigns were designed to suppress dissent, steal sensitive information, and compromise organizations worldwide. The cyber actors, associated with the infamous Advanced Persistent Threat 27 (APT27) group, operated under the direction of China’s Ministry of State Security (MSS) and MPS. Their targets included U.S. government agencies, religious organizations, foreign ministries across Asia, and news outlets critical of the CCP.
Authorities revealed that China’s government utilized a vast network of private contractors and freelance hackers, offering lucrative payments for stolen data. These actors exploited vulnerabilities to infiltrate email accounts, government servers, and financial institutions, leaving global cybersecurity at risk.
“The Department of Justice will relentlessly pursue those who threaten our cybersecurity by stealing from our government and our people,” stated Sue J. Bai, head of the DOJ’s National Security Division. “We are exposing the Chinese government’s role in these reckless and indiscriminate attacks, and we will continue to dismantle their cyber mercenary operations.”
Indictments and Rewards for Justice
Federal courts in New York and Washington, D.C., unsealed multiple indictments charging the defendants with crimes ranging from hacking to cyber-enabled transnational repression. U.S. authorities also announced the seizure of domains linked to i-Soon and other cybercriminal infrastructure used in the hacking operations.
The FBI has issued arrest warrants, and the U.S. State Department is offering rewards of up to $10 million for information leading to the arrest of the defendants.
A Growing Cybersecurity Threat
The charges highlight the increasing danger posed by China’s hacker-for-hire ecosystem, which authorities say has evolved into a sophisticated, state-backed cyber-warfare operation. The campaign, dating back to at least 2013, has inflicted millions of dollars in damages and compromised national security in multiple countries.
“The FBI is committed to protecting Americans from foreign cyber-attacks,” said Assistant Director Bryan Vorndran of the FBI Cyber Division. “These charges send a clear message: We will use every tool at our disposal to identify, indict, and expose those who threaten our democracy.”
As cyber warfare intensifies, the U.S. is ramping up efforts to combat digital threats from foreign adversaries. With new sanctions imposed on implicated hackers and companies, alongside cooperation with tech giants like Microsoft, the Justice Department aims to dismantle the PRC’s cyber threat infrastructure.
While the accused individuals remain at large in China, the Justice Department’s latest move marks a critical step in holding cybercriminals accountable. As international cybersecurity threats grow, the crackdown on hacker-for-hire operations signals a firm stance against state-sponsored espionage and cyberattacks.
FBI says China is going to hack us https://t.co/6aZbj927ZK
— Kim Komando (@kimkomando) April 19, 2024
