China’s Hackers Have Stolen EU, US & Global Secrets

A US Justice Department indictment, issued on 20th December, announced the criminal indictment of two individuals, Zhu Hua and Zhang Shilong, who were alleged to be part of A

The Five Eyes intelligence group (US, UK, Australia, Canada and New Zealand) believes that China has been using hackers, and sometimes students as short-term hackers before they go into academic study, often overseas.

These hackers have been used to gather military, technology and commercial information and secrets from other countries in order to support and improve China’s intelligence and commercial position in the world. China’s group of best hackers, known as APT10 (APT is short for “Advanced Persistent Threat”), decided not just to target individual companies in its long-standing efforts to steal intellectual property, but instead to focus on so-called Managed Service Providers (MSPs).
These are the companies that offer electronic systems like data backup and password management under a subscription model. If hackers can get into an MSP’s data system, they can download information from the commercial and/or government data and secrets held there.

The indictment suggests that China, by hacking into a particular New York MSP, was able to steal data from companies in lots of countries, from Chile to Australia.

This secret intrusion process allowed China to gather information from a wide variety of businesses, parts of government and industries, from telecoms and IT to banking and manufacturing. UK Foreign Secretary Jeremy Hunt said:

“This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world.

“These activities must stop. They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.

“Our message to governments prepared to enable these activities is clear: together with our allies, we will expose your actions and take other necessary steps to ensure the rule of law is upheld.”

MSP Attack
These hacks often begin with an email saying that a particular issue is important and needs attention. The message appears to be legitimate, seems to come from a supply partner company, and asks the receiver to open an attached file.
However, this is a phishing email that, once opened, gives the hacker access to passwords and the like. Even if some of the security systems tried to block access, the hackers would change the IP address and continue the hacking process.
Once these Chinese hackers had established themselves on a computer, they would download more malware until they got what they were after.

Using these systems and collection processes, the hackers have obtained massive amounts of valuable information and data since at least 2014.

These Chinese hackers stole hundreds of gigabytes of data from dozens of companies, the indictment suggests. While the Justice Department didn’t name any specific victims, the Department of Homeland Security has set up a page providing guidance for any company that thinks it might have been attacked. 

No Armistice
This whole process is now set against the China/American agreement from three years ago that they would not hack each other’s commercial businesses. China, like other major countries, has used these hacking attacks and intrusions in ways similar to the different methods that have been used over the centuries by one nation to gather secrets from another country and use them, governmentally and commercially, for its own benefit.

News by CSI
