Today the American government charged four members of the Chinese military for the 2017 Equifax hack. The hackers were able to obtain the names, dates of birth, and Social Security numbers of 150 million Americans and the driver's licenses of at least 10 million Americans. The hackers were able to intrude into the Equifax system through a vulnerability in the Equifax dispute resolution system.
They were able to upload malware that allowed them to steal login credentials while also surveying the system. The malware was in the system for weeks before being detected. During that time the hackers were also able to steal Equifax trade secrets including those used to store customer information.
The indictment was handed down by a grand jury in Atlanta after a two-year investigation into the security breach. According to the indictment, four members of the People's Liberation Army of China conspired to hack Equifax computer systems in order to commit economic sabotage. At today’s press conference, A.G. William Barr said, “This kind of attack on American industries is of a piece with other Chinese illegal acquisitions of sensitive personal data.”
This isn’t the first time China has hacked an American institution in order to steal the private information of American citizens. In 2015, a security engineer with the Office of Personnel Management discovered a piece of malware in the system that gave hackers access to OPM servers. What was especially concerning was that the malware came from a company called opmsecurity.org, which was registered on April 25, 2014, and was not an OPM security company. The date of registration means that the malware could have been installed on OPM servers for a year before being detected.
The Office of Personnel Management is the human resources department of the federal government. OPM houses all of the background check information for federal employees, as well as the information collected on family members and friends associated with the background checks. Chinese hackers have also intruded into the computer systems of Marriott hotels and the health insurance company Anthem.
Uncovered in the Equifax hack were state-sponsored intrusions and thefts that target trade secrets and classified business information. The breach not only produced data of economic value but also helps China create artificial intelligence tools and intelligence targeting software. The group of PLA hackers has also been identified as leading attacks on the nuclear power, metals, and solar products industries.
Roughly 80% of economic espionage prosecutions have led back to the Chinese government. Roughly 60% of trade secret theft has led back to the Chinese government. According to William Barr, the U.S. government typically does not criminally charge “members of the military or intelligence services outside the United States.” He went on to say, “in general, traditional military and intelligence activity is of a separate sphere of conduct that ought not be subject of the domestic criminal law.”
There is no word as to whether the four hackers will ever face American prosecution. It is highly unlikely that the Chinese government will hand over the hackers for doing what they were instructed to do by the Chinese government. This does make one wonder whether any part of the trade deal with China involves its security breaches of American entities.