Saturday, May 24, 2025

U.S. Accuses 12 Chinese Nationals of Hacking National Security Networks


The United States has taken significant steps to address the growing threat of Chinese cyber intrusions into U.S. government agencies and critical infrastructure.

On March 5, the U.S. Department of Justice (DOJ) indicted 12 Chinese nationals and one Chinese company on charges of malicious cyber activity.

This move marks an escalation in Washington’s efforts to combat aggressive forms of cyberwarfare orchestrated by the Chinese Communist Party.


Targeting U.S. Government Networks

The accused individuals are described as “cyber mercenaries,” receiving financial compensation from China’s Ministry of State Security (MSS) for successful hacks and analysis of stolen data.

Their targets included major U.S. government agencies such as the Defense Intelligence Agency, the Department of Commerce, and the Treasury.

Among those indicted are Zhou Shuai and Yin Kecheng, known members of the hacking group Silk Typhoon, which recently compromised a government contractor to infiltrate the Treasury’s networks.

Zhou and Yin allegedly stole sensitive data from U.S. critical infrastructure to benefit China’s defense sector as early as 2013.

The Treasury’s Office of Foreign Assets Control (OFAC) sanctioned both individuals, with Zhou added on March 5 and Yin previously sanctioned on January 17.

China’s Escalating Cyber Activities

The indictments highlight the close ties that Chinese cybercriminals and technology companies have with the Chinese Communist Party.

The MSS provided specific data collection parameters to these hackers, focusing on telecommunications, border crossings, religious research, media, and civil service personnel.

This broad approach mirrors China’s ‘Thousand Grains of Sand’ intelligence strategy, prioritizing volume over quality in data collection.

According to FDD reports, Microsoft recently issued a threat assessment warning that Silk Typhoon targets remote management tools and cloud services within the IT supply chain, aligning with the CCP’s expansive cyber ambitions.

While sanctions and indictments are crucial, they alone may not suffice. To counter China’s cyber threats effectively, the U.S. should consider stricter export controls and enhanced screening of outbound investments in the Chinese tech sector.

Implementing robust cybersecurity requirements for telecommunications firms and government contractors is also essential.

In cases where defense is insufficient, Washington should be prepared to launch countermeasures against Chinese hacking groups that compromise U.S. critical infrastructure. This firm stance is necessary to deter Beijing’s aggressive cyber activities.

The recent indictment underscores the complex interplay between Chinese cyber actors and official state agencies.

As U.S. cybersecurity policy evolves, it must address these deep-seated connections to protect national security interests effectively.

The U.S. action serves as a pivotal moment in ongoing efforts to combat cyber threats from China, emphasizing the need for both robust defense and strategic offense in the digital arena.


Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
