China’s new approach borrows from the tactics of Russia and Iran, which have tormented public and commercial targets for years
The Department of Justice in Washington, Aug. 2, 2021. The Department of Justice unsealed an indictment in July detailing the exploits of a Chinese hacking group. (Stefani Reynolds/The New York Times)
China’s buzzy high-tech companies do not usually recruit Cambodian speakers, so the job ads for three well-paid positions with those language skills stood out. The ad, seeking writers of research reports, was placed by an internet security startup in China’s tropical island-province of Hainan.
That startup was more than it seemed, according to U.S. law enforcement. Hainan Xiandun Technology was part of a web of front companies controlled by China’s secretive state security ministry, according to a federal indictment from May. They hacked computers from the United States to Cambodia to Saudi Arabia, seeking sensitive government data as well as less-obvious spy stuff, like details of a New Jersey company’s fire-suppression system, according to prosecutors.
The accusations appear to reflect an increasingly aggressive campaign by Chinese government hackers and a pronounced shift in their tactics: China’s premier spy agency is increasingly reaching beyond its own ranks to recruit from a vast pool of private-sector talent.
This new group of hackers has made China’s state cyberspying machine stronger, more sophisticated and — for its growing array of government and private-sector targets — more dangerously unpredictable. Sponsored but not necessarily micromanaged by Beijing, this new breed of hacker attacks government targets and private companies alike, mixing traditional espionage with outright fraud and other crimes for profit.
China’s new approach borrows from the tactics of Russia and Iran, which have tormented public and commercial targets for years. Chinese hackers with links to state security demanded ransom in return for not releasing a company’s computer source code, according to an indictment released by the U.S. Department of Justice last year. Another group of hackers in southwest China mixed cyber raids on Hong Kong democracy activists with fraud on gaming websites, another indictment asserted. One member of the group boasted about having official protection, provided that they avoid targets in China.
©2019 New York Times News Service