The Trump administration cracks down on Chinese hacking group APT41

Source: Reuters
Attorney General William Barr has stressed that the DOJ would continue its pursuit of Chinese military who engage in criminal activity in an attempt to ease concerns over this year’s presidential election.

Cybersecurity has been a hot topic in the United States, especially in light of the upcoming presidential election in November. The US Department of Justice (DOJ) charged five members of the Chinese military with cybercrimes on September 16. These Chinese nationalists, together known as APT41, were charged with nearly 100 cybercrimes against government agencies, companies and nonprofits.

Additionally, in a rare international prosecution, two Malaysian businessmen, Wong Ong Hua and Ling Yang Ching, were arrested in Malaysia in relation to the crime.

What is APT41?

APT41, also referred to as “Barium,” “Winnti,” “Wicked Panda” and “Wicked Spider,” is a “Chinese cyber espionage actor” sponsored by the Chinese government. Historically, this group has targeted companies for financial gain, most famously in 2012 when they hacked video game companies and stole in-game currency that they then sold on the black market.

APT41 has been seeking out source code, consumer data and software code signing certificates since the mid-2000s. Cybersecurity experts have explained how the group would reappear shortly after seemingly clearing the hacked code from the networks. The group uses several tactics, including spear phishing emails, hacking, rewriting software and deploying ransomware.

The Guardian recently reported that the group had targeted “telecommunications companies’ call records for data collection, and sending spear-phishing emails to Hong Kong media organisations known for pro-democracy editorial content.” FireEye alleges that the group has obtained SMS records from foreign government officials that prove the group has goals outside of mere financial gain and toward more conventional espionage.

The US’ response

The DOJ has heavily focused on Chinese state-funded cybercriminals in 2020, starting in February by charging four members of China’s People’s Liberation Army (PLA) with the unprecedented hack of Equifax, a consumer credit reporting company.

This summer, the DOJ charged two Chinese hackers who targeted COVID-19 research with 11 counts related to cybercrimes. Speaking on China’s stance on cybercrime, FBI Deputy Director David Bowdich stated, “China steals intellectual property and research, which bolsters its economy. And then they use that illicit gain as a weapon to silence any country that would dare challenge their illegal actions.”

After praising the Department of Justice’s efforts on the case against APT41, Deputy Attorney General Jeffrey A. Rosen reprimanded the Chinese Government without explicitly blaming them, saying, “Regrettably, the Chinese Communist Party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China.”

Attorney General William Barr has stressed that the DOJ would continue its pursuit of Chinese military who engage in criminal activity, eyeing more legal action against alleged Chinese cybercriminals in an attempt to ease concerns over this year’s presidential election and cybersecurity in general.

Even with charges filed against these perpetrators, the US government remains mostly powerless to put an end to APT41’s actions. Until the Chinese government cooperates with the US, the group, as well as other hacking groups residing in China, will continue to commit cybercrimes.

China’s response

The Chinese government has vehemently denied all previous accusations of cybercrimes related to Chinese officials, but has not responded directly to these most recent charges.

In an earlier response to questions from the media, Chinese foreign ministry spokesman Geng Shuang stated, “We firmly oppose and combat cyberattacks of any kind. China is a staunch defender of cybersecurity.”

He went on to accuse Americans of hypocrisy, stating, “U.S. agencies have been engaging in cyber intrusion, surveillance and monitoring activities on foreign governments, institutions, enterprises, universities and individuals, including on its allies.”

Though the Chinese officials have not physically been arrested, the symbolic gesture of these charges largely intensifies diplomatic tensions between the US and China.
