The Department of Justice unsealed indictments charging Zhou Shuai and Yin Kecheng, eight employees of i-Soon, a Chinese technology company, and two officers of China’s Ministry of Public Security with a variety of hacking-related offenses. The Ministry of Public Security and Ministry of State Security paid handsomely for stolen data. Victims include U.S.-based critics and dissidents of the People’s Republic of China, a large religious organization in the United States, the foreign ministries of multiple governments in Asia, and U.S. federal and state government agencies.
In addition, the Diplomatic Security Service’s Rewards for Justice Program is offering up to $10 million for information on i-Soon, its employees, and the Ministry of Public Security officers engaged in malicious cyber activities highlighted in the Department of Justice’s indictments.
Moreover, the United States imposed sanctions on the Shanghai-based malicious cyber actor and data broker, Zhou Shuai, and his company, Shanghai Heiying Information Technology Company. Zhou Shuai illegally acquired, brokered, and sold data from highly sensitive U.S. critical infrastructure networks, including in the defense industrial base, communications, health, and government sectors. The Department of State also announced reward offers under the Transnational Organized Crime Rewards Program of up to $2 million each for information leading to the arrests and/or convictions of Zhou Shuai and Yin Kecheng.
“The Department of Justice will relentlessly pursue those who threaten our cybersecurity by stealing from our government and our people,” said Sue Bai, head of the Justice Department’s National Security Division. “[W]e are exposing the Chinese government agents directing and fostering indiscriminate and reckless attacks against computers and networks worldwide, as well as the enabling companies and individual hackers that they have unleashed. We will continue to fight to dismantle this ecosystem of cyber mercenaries and protect our national security.”
It is clear that “China offers safe harbor for private sector companies that conduct malicious cyber activity against the United States and its partners,” said State Department Spokesperson Tammy Bruce in a statement. “China-backed malicious cyber actors continue to be one of the greatest and most persistent threats to U.S. national security.”
This multi-agency effort “reflects our whole-of-government approach to protecting and defending against China-based cyber threats to Americans, their sensitive personal data, and our critical systems,” said Ms. Bruce. “President Trump is committed to protecting the American people and U.S. critical infrastructure from these pervasive threats, and we will resolutely use all the tools at our disposal to do so.”
