US accuses China of 14-year global cyber hacking conspiracy that affected millions of Americans

A group of 7 hackers, 6 slightly blurred in the background and one in the foreground, all wearing black with hoods pulled up over their heads. You cannot see their faces. The hacker in the foreground sits with an open laptop in front of them. The background, behind the hackers, is a Chinese flag
(Image credit: Getty Images)

The US Federal Bureau of Investigation (FBI) has charged seven Chinese nationals in connection with a hacking campaign that has operated for 14 years and may have affected several million Americans.

The hacking attacks consisted of over 10,000 “malicious emails, impacting thousands of victims, across multiple continents,” the US justice department said.

The charges echo a general western condemnation of Beijing’s involvement in a number of high profile cyber attacks, with the UK suffering an attack against its Electoral Commission, and New Zealand suffering similar attacks on two parliamentary organizations.

China cyber campaign targeted “our nation's security and prosperity”

FBI director Christopher Wray said, “Today's announcement exposes China's continuous and brash efforts to undermine our nation's cybersecurity and target Americans and our innovation.”

“As long as China continues to target the US and our partners, the FBI will continue to send a clear message that cyber espionage will not be tolerated, and we will tirelessly pursue those who threaten our nation's security and prosperity,” he continued.

The malicious emails distributed by the accused included hidden tracking links that, when the email is opened, steal sensitive information such as locations and IP addresses. The emails were disguised to look like they were being sent by journalists and news outlets, hinting at some level of social engineering taking place during the 14 year campaign.

The recipients of the emails were often US government officials, whose location and IP information would be used to mount more aggressive attacks against devices in the victims' homes.

Chinese-backed cyber groups have been increasingly targeting critical infrastructure and government officials as geopolitical tensions rise. Several US companies were also breached in the campaign, with the defense, IT and telecommunications industries being particular targets.

Via BBC News

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism he worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but he also likes to draw on his knowledge of geopolitics and international relations to understand the motives and consequences of state-sponsored cyber attacks.

He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. His masters dissertation, titled 'Arms sales as a foreign policy tool,' argues that the export of weapon systems has been an integral part of the diplomatic toolkit used by the US, Russia and China since 1945. Benedict has also written about NATO's role in the era of hybrid warfare, the influence of interest groups on US foreign policy, and how reputational insecurity can contribute to the misuse of intelligence.

Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.