Tuesday, May 6, 2025

U.S. Accuses 12 Chinese Nationals of Hacking National Security Networks

The United States has taken significant steps to address the growing threat of Chinese cyber intrusions into U.S. government agencies and critical infrastructure.

On March 5, the U.S. Department of Justice (DOJ) indicted 12 Chinese nationals and one Chinese company on charges of malicious cyber activity.

This move marks an escalation in Washington’s efforts to combat aggressive forms of cyberwarfare orchestrated by the Chinese Communist Party.

Targeting U.S. Government Networks

The accused individuals are described as “cyber mercenaries,” receiving financial compensation from China’s Ministry of State Security (MSS) for successful hacks and analysis of stolen data.

Their targets included major U.S. government agencies such as the Defense Intelligence Agency, the Department of Commerce, and the Treasury.

Among those indicted are Zhou Shuai and Yin Kecheng, known members of the hacking group Silk Typhoon, which recently compromised a government contractor to infiltrate the Treasury’s networks.

Zhou and Yin allegedly stole sensitive data from U.S. critical infrastructure to benefit China’s defense sector as early as 2013.

The Treasury’s Office of Foreign Assets Control (OFAC) sanctioned both individuals, with Zhou added on March 5 and Yin previously sanctioned on January 17.

China’s Escalating Cyber Activities

The indictments highlight the close ties that Chinese cybercriminals and technology companies have with the Chinese Communist Party.

The MSS provided specific data collection parameters to these hackers, focusing on telecommunications, border crossings, religious research, media, and civil service personnel.

This broad approach mirrors China’s ‘Thousand Grains of Sand’ intelligence strategy, prioritizing volume over quality in data collection.

According to FDD reports, Microsoft recently issued a threat assessment warning that Silk Typhoon targets remote management tools and cloud services within the IT supply chain, aligning with the CCP’s expansive cyber ambitions.

While sanctions and indictments are crucial, they alone may not suffice. To counter China’s cyber threats effectively, the U.S. should consider stricter export controls and enhanced screening of outbound investments in the Chinese tech sector.

Implementing robust cybersecurity requirements for telecommunications firms and government contractors is also essential.

In cases where defense is insufficient, Washington should be prepared to launch countermeasures against Chinese hacking groups that compromise U.S. critical infrastructure. This firm stance is necessary to deter Beijing’s aggressive cyber activities.

The recent indictment underscores the complex interplay between Chinese cyber actors and official state agencies.

As U.S. cybersecurity policy evolves, it must address these deep-seated connections to protect national security interests effectively.

The U.S. action serves as a pivotal moment in ongoing efforts to combat cyber threats from China, emphasizing the need for both robust defense and strategic offense in the digital arena.

Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
