12 Chinese Nationals Indicted in Hacking-for-Hire Scheme

The U.S. Justice Department announced a shocking indictment on Wednesday, targeting 12 Chinese nationals accused of being involved in a global hacking campaign that targeted dissidents, news organizations, government agencies, and a large religious organization based in the United States.

According to court documents, China's Ministry of Public Security and Ministry of State Security were behind the hacking scheme, which used a network of private companies and hackers-for-hire to steal information and help locate dissidents and critics worldwide. The Chinese government allegedly paid hackers-for-hire to inflict digital harm on Americans who criticized the Chinese Communist Party (CCP).

"Today's announcements reveal that the Chinese Ministry of Public Security has been paying hackers-for-hire to inflict digital harm on Americans who criticize the Chinese Communist Party (CCP)," said Assistant Director Bryan Vorndran of the FBI's Cyber Division in a statement. The indictment targets individuals who were allegedly involved in this scheme, including two officers from China's Ministry of Public Security, eight employees of i-Soon, and two members of Advanced Persistent Threat 27 (APT27).

The suspects are all at large, and the Justice Department is offering a reward of up to $10 million for information about the MPS officers and i-Soon, the Chinese company that employed most of the hackers. The FBI alleges that i-Soon sold stolen information "to China's intelligence and security services to suppress free speech and democratic processes worldwide, and target groups deemed a threat to the Chinese government."

i-Soon also conducted computer intrusions on its own initiative, charging clients an estimated $10,000 to $75,000 for each email inbox successfully hacked. The company provided training in hacking skills to government agencies, further highlighting the scope of their activities.

The group's targets included a large religious organization critical of the Chinese government that had previously sent missionaries to China, as well as a group promoting human rights and religious freedom in China. News organizations and government agencies in the United States, including those opposed to the Communist Party of China or delivering uncensored news to China, were also targeted.

Foreign targets included a religious leader, a Hong Kong newspaper, and the foreign ministries of Taiwan, India, South Korea, and Indonesia, according to the Justice Department release. The State Department announced a reward of up to $2 million for information leading to the arrest of two men connected to APT27, Zhou Shuai and Yin Kecheng.

The indictment alleges that Zhou Shuai and Yin Kecheng were involved in multi-year, for-profit computer intrusion campaigns dating back to 2013. They face several charges, including computer network conspiracy, wire fraud, aggravated identity theft, and money laundering. The two are accused of hacking numerous U.S.-based technology companies, think tanks, law firms, defense contractors, local governments, health care systems, and universities, leaving behind a trail of millions of dollars in damages.

"As evidenced by today's and previous announcements, China offers safe harbor for private sector companies that conduct malicious cyber activity against the United States and its partners," said State Department spokesperson Tammy Bruce in a statement. The indictments were the result of a joint investigation by the Justice Department, FBI, Naval Criminal Investigative Service, Departments of State, and the Treasury.

The indictment is part of a growing concern about China's role in global cyber attacks. In recent years, there have been numerous reports of Chinese hackers targeting dissidents, human rights groups, and news organizations around the world. The U.S. government has taken steps to address these concerns, including imposing sanctions on individuals and companies implicated in the hacking scheme.