On February 10, the US Department of Justice announced charges against four hackers backed by the Chinese military who were involved in carrying out the cyberattack against Equifax, a consumer credit reporting agency. The intrusion is known as the largest theft of personally identifiable information ever carried out by state-sponsored actors.
Investigators had previously identified and announced the type of malware that allowed the hackers to gather addresses, birth dates, Social Security numbers, and other data on approximately 145 million Americans.
Equifax intrusion among other efforts by Chinese government
Today's indictment charges that members of the People's Liberation Army—the armed forces of the People's Republic of China—were behind that malware attack. According to the indictment, Wu Zhiyong, Wang Qian, Xu Ke, and Liu Lei exploited a vulnerability in the dispute resolution website within the Equifax system. From that initial access point, the hackers used a number of techniques to force their way into the company's network and back-end databases.
In announcing the charges, US Attorney General William Barr said the Equifax intrusion is among other efforts by the Chinese government to steal the personal data of Americans. The Justice Department believes the Chinese were also responsible for breaching systems controlled by the Office of Personnel Management, Marriott Hotels, and the health insurance company Anthem.
Businesses cannot become complacent about protecting data and consumers: Bowdich
"This data has economic value, and these thefts can feed China's development of artificial intelligence tools as well as the creation of intelligence-targeting packages," Barr said. "In addition to the thefts of sensitive personal data, our cases reveal a pattern of state-sponsored computer intrusions and thefts by China targeting trade secrets and confidential business information."
To uncover the actors behind the Equifax theft, a broad and multinational investigative team led by the FBI's Atlanta Field Office tracked the crime's digital breadcrumbs back to the four co-conspirators—who allegedly used servers in multiple countries and approximately 40 different IP addresses to disguise the origin of the attack. FBI Deputy Director David Bowdich said today's announcement is "a testament to the hard work and determination of everyone involved in this investigation."
Bowdich also said that although these types of breaches have become disturbingly common, businesses cannot become complacent about protecting data and consumers. "And as American citizens, we cannot be complacent about protecting our sensitive personal data," Bowdich emphasized. "We in law enforcement will not let hackers off the hook just because they're halfway around the world. We've got to do everything we can to keep people safe, secure, and confident online."