Three Chinese nationals affiliated with a cybersecurity company in China have been charged by US prosecutors with hacking into Siemens AG, Trimble Inc., and Moody’s Analytics to steal business secrets, according to Reuters. Trimble and Moody’s claims that no client, confidential customer or employee data was breached, but Siemens “does not comment on internal security matters.”
The defendants, who are owners, employees, and associates of the Chinese cybersecurity company Guangzhou Bo Yu Information Technology Company Ltd., were charged with launching “coordinated and unauthorized”cyber attacks between 2011 and 2017. The company is affiliated with China’s People’s Liberation Army Unit 61398 and its hacking operations are state-sponsored and -directed.
However, while the Justice Department’s National Security Division is participating in the case, and arrest warrants have been issued, the case is not being prosecuted as a state-sponsored hacking. An intelligence analyst told Forbes that it’s possible that the Chinese government was either “not directly involved in the operations or the commercial arrangement obfuscated their hand in the matter.”
According to US officials, spear phishing emails were used by the hackers to gain access to a variety of networks. Boyusec is known for being linked to the hacking group calling itself Gothic Panda which has been around for a couple of years and is connected with the Chinese Ministry of State Security (MSS). Forbes has reported that the group’s victims range from companies in defense, telecommunications, transportation, and advanced technology to government departments and bureaus in Hong Kong, the US, and other countries.
The hackers are also in violation of a 2015 agreement between the US and China that prohibits both countries from stealing intellectual property for the benefit of domestic firms. But according to US officials, there has been an uptick in Chinese hackers violating the deal.
The issue has been difficult for the Trump Administration to address as it attempts to gain Chinese cooperation on the issue of North Korean nuclear proliferation. According to the New York Times, intellectual property theft costs America up to $600 billion a year and China accounts for most of this loss.