US charges three Chinese for hacking Moody's, Siemens

[WASHINGTON] The US Justice Department charged three Chinese computer security experts Monday with hacking and stealing materials from Moody's Analytics, Siemens, and Trimble, a GPS technology firm.

The three were associated with Guangdong-based Guangzhou Boyu Information Technology Company, known as Boyusec, which some Western security analysts allege has links to the Chinese Ministry of State Security.

The indictment named Boyusec co-founder Wu Yingzhuo, executive director Dong Hao, and Xia Lei, an employee.

It said they hacked the email server of Moody's Analytics in 2011, obtaining access to the emails of a person described as a high-profile economist who represented the Moody's brand - a description that matches Moody's chief economist Mark Zandi.

Moody's did not confirm or deny that, but said it had "worked closely" with the investigation, and had not lost any customer or employee data to the hackers.

In 2014 the three Chinese hackers broke into German industrial giant Siemens' computer networks, stealing large amounts of files and data from its energy, technology and transportation businesses, according to the US indictment.

It added that in 2015-2016 they stole newly developed hardware and software information from a new global satellite navigation system being developed by Trimble.

The three were charged with computer fraud, wire fraud, identity theft, and theft of trade secrets.

The indictment did not say what Boyusec did with the information, some of which had clear commercial value.

"Once again, the Justice Department and the FBI have demonstrated that hackers around the world who are seeking to steal our companies' most sensitive and valuable information can and will be exposed and held accountable," said Acting Assistant Attorney General Dana Boente.

In 2015 then-president Barack Obama extracted a pledge from Chinese leader Xi Jinping to halt Chinese theft of trade secrets. Since then industry and US intelligence experts say the practice has significantly diminished, but not disappeared.

Boyusec has been watched as a suspicious actor by Western security firms for several years.

Earlier this year the threat intelligence firm Record Future - which is supported by the US Central Intelligence Agency - said Boyusec works "on behalf of the Chinese Ministry of State Security" and is behind hacking attacks known as APT3.

"APT3 has traditionally targeted a wide-range of companies and technologies, likely to fulfill intelligence collection requirements on behalf of the MSS," Recorded Future said.

AFP