United States: Chinese Nationals Charged With Hacking U.S. Financial Services And Manufacturing Companies

The Department of Justice charged three Chinese nationals with computer hacking, wire fraud, theft of trade secrets, conspiracy, and identity theft. The indictment, filed in September 2017, was unsealed by the U.S. District Court for the Western District of Pennsylvania.

The three defendants (the "Defendants") were affiliated with a Chinese "cybersecurity firm" known as Guangzhou Bo Yu Information Technology Company Limited, or "Boyusec." As alleged, the Defendants targeted three U.S. corporations (Moody's Analytics, Siemens AG, and Trimble Inc.) and executed coordinated cyberattacks in order to steal confidential commercial information, trade secrets and sensitive victim employee information. The attack involved sending "spearfishing" emails to employees of the targeted companies. The emails would install malware if opened, which would gain and maintain access to the victims' computers and information. The Defendants also used sophisticated techniques to conceal their identities and illicit activity, including the use of intermediary computer servers known as "hop points." Over a six year period, the Defendants are alleged to have stolen hundreds of gigabytes of data from companies in the housing, finance, energy, technology, transportation, construction, land survey and agricultural sectors.

Commentary / Joseph V. Moreno

While operating under the guise of a cybersecurity firm, Boyusec engaged in the type of sophisticated hacking activities it purportedly was in business to help prevent. Making matters worse, Boyusec had previously been identified as carrying out espionage activities for China's Ministry of State Security, illustrating that U.S. companies are not only facing individual hackers as adversaries or even organized crime groups but also the deep resources of potentially hostile foreign governments. Long gone are the days when hackers were primarily interested in stealing identities and credit card numbers. Many hacking schemes today – particularly where a foreign government may be involved – are much more interested in stealing information that can provide a long-term strategic advantage. Companies who ignore these risks do so at their peril. Note: These and other considerations will be covered in an upcoming Cadwalader Webinar: Cybersecurity Threats to Banks and Financial Institutions.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.