Published: Wed, November 29, 2017
Medical | By Garry George

Chinese Citizens Accused of Hacking Sensitive Information

U.S. prosecutors have charged three Chinese nationals affiliated with a cyber security company in China with hacking into Siemens, Trimble and Moody's Analytics to steal business secrets. The report further states that the three were in charge of a cyber security firm in the city of Guangzhou, located in southern China.

Trimble's advances in geolocation and Siemens' work in guidance and navigation are of interest to the Chinese, according to one of the officials, who declined to be named.

The hackers "launched coordinated and targeted cyber intrusions against businesses operating in the United States... in order to steal confidential business information", said Soo C. Song, acting U.S. Attorney for the Western District of Pennsylvania.

Security firm CrowdStrike, which refers to the alleged hacking ring as Gothic Panda, says it's seen a rise in activity associated with the group since 2016. "Their previous targeting includes industries such as Aerospace, Defense, Energy, Technology, NGOs, etc., that are primarily aligned with China's economic objectives".

"The Justice Department is committed to pursuing the arrest and prosecution of these hackers, no matter how long it takes, and we have a long memory", Boente said.

"Once again, the Justice Department and the Federal Bureau of Investigation have demonstrated that hackers around the world who are seeking to steal our companies' most sensitive and valuable information can and will be exposed and held accountable", said Dana J. Boente, acting assistant attorney general for national security. If the attack was successful, attackers would gain long-term, backdoor access to victims' PC, according to the indictment.

When the Chinese nationals allegedly accessed the network, they stole files containing commercial business documents and data pertaining to the technology.

"Trimble responded to the incident and concluded that there is no meaningful impact on its business", the company says in a statement.

Officials with Moody's Analytics, which specializes in evaluating risk, didn't immediately respond to a request for comment about the indictment.

The conspiracy began as early as 2011 and continued to May, 2017.

Between 2013 and 2014, the hackers also "accessed the internal email server of Moody's Analytics and placed a forwarding rule in the email account of a prominent employee".

In the wake of the indictment, it's not clear if APT 3 remains in operation.

Like this: