CANADIAN FIRMS TARGET OF SPIES
U.S. ACCUSES TWO CHINESE OF HACKING INTO HUGE SEGMENT OF TECH, BUSINESS
Companies in Canada were among the targets of two Chinese citizens charged with waging an extensive hacking campaign to steal valuable data over many years, U.S. authorities say.
In an indictment unsealed Thursday, prosecutors say Zhu Hua and Zhang Shilong were acting on behalf of China’s main intelligence agency to pilfer information from a dozen countries.
The hackers breached the computers of enterprises involved in activities ranging from banking and telecommunications to mining and health care, say the papers filed in U.S. District Court.
The news will add to tension between Canada and China which has risen lately over the arrest in Vancouver of Meng Wanzhou, chief financial officer of telecommunications giant Huawei and also the daughter of its founder. The U.S. wants Meng extradited on a charge related to violating sanctions against Iran. In what is believed to have been a retaliatory move, China later arrested two Canadians, Michael Kovrig, a former Canadian diplomat, and Michael Spavor, a Calgary-born entrepreneur.
On Thursday, U.S. Secretary of State Mike Pompeo and Homeland Security Secretary Kirstjen Nielsen assailed China for violating a landmark 2015 pledge by President Xi Jinping to refrain from hacking U.S. trade secrets and intellectual property to benefit Chinese companies.
“Stability in cyberspace cannot be achieved if countries engage in irresponsible behaviour that undermines the national security and economic prosperity of other countries,” they said. “These actions by Chinese actors to target intellectual property and sensitive business information present a very real threat to the economic competitiveness of companies in the United States and around the globe.”
U.S. allies — including Canada — echoed the Justice Department action, in an unprecedented mass effort to call out China for its alleged malign acts. It represents a growing consensus that Beijing is flouting international norms in its bid to become the world’s predominant economic and technological power.
“China’s goal, simply put, is to replace the U.S. as the world’s leading superpower, and they’re using illegal methods to get there,” said FBI director Christopher Wray. “The list of victim companies reads like a who’s who of the global economy.”
Public Safety Minister Ralph Goodale said the government isn’t aware that any data was stolen from Canadians. “To the best of our knowledge, we do not have reports ... of specific losses, but we are aware of intrusions. So the incidents took place, the hacking and compromise took place. Whether there was actually a theft committed or the withdrawal of information of data, that is not information within our domain.”
As disappointed as the Canadian government is by China’s espionage, Goodale said, it will separate this case from China’s detention of the Canadians. “They are two quite separate incidents. As I’ve mentioned, the information that we’re dealing with today in terms of cyber security was first detected going back to 2016.”
The hackers employed a technique known as “spearphishing,” tricking computer users at business and government offices into opening malware-infected emails giving them access to login and password details.
The indictment says Zhu and Zhang are members of a group operating in China known as Advanced Persistent Threat 10. They purportedly broke into computers belonging to — or providing services to — companies in at least 12 countries, including Canada.
The two suspects, who worked for Huaying Haital Science and Technology Development Co. in Tianjin, are accused of acting in association with the Chinese Ministry of State Security’s Tianjin State Security Bureau.
The alleged hackers provided Chinese intelligence officials with sensitive business information, said U.S. deputy attorney general Rod Rosenstein.
“This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow the international rules in return for the privilege of participating in the global economic system,” Rosenstein said.
Beginning about four years ago, Zhu and Zhang waged a campaign to gain access to computers and networks of “managed service providers” for businesses and governments around the world, the indictment says.
Such providers are private firms that manage clients’ information by furnishing servers, storage, networking, consulting and information-technology support.
In one case, the indictment says, the APT10 Group obtained unauthorized access to the computers of an unnamed service provider that had offices in New York state and then compromised the data of the provider and clients in Canada, the U.S., Britain, Brazil, Finland, France, Germany, India, Japan, Sweden, Switzerland and the U.A.E. The RCMP and Global Affairs Canada had no immediate comment on the U.S. charges.