The U.S. Department of Justice today indicted two Chinese nationals over their role in a hacking group that allegedly broke into and stole data from 45 U.S. tech companies and government agencies.

The two men are Zhu Hua, known online as Afwar, CVNX, Alayos and Godkiller, and Zhang Shilong, also known as Baobeilong, Zhang Jianguo and Atreexp. They’re alleged to be members of the APT10 hacking group that works on behalf of the Chinese Ministry of State Security’s Tianjin State Security Bureau.

“Through their involvement with the APT10 Group, from at least in or about 2006 up to and including in or about 2018, Zhu and Zhang conducted global campaigns of computer intrusions targeting, among other data, intellectual property and confidential business and technological information,” the Justice Department said in a statement today.

The APT10 Group is said to have targeted a diverse array of commercial activity, industries and technologies as well as government agencies, including the National Aeronautics and Space Administration. In addition to the attacks in the U.S., the two men, through their involvement in APT10, are also alleged to have taken part in hacks in at least a dozen countries.

Carl Wright, chief executive officer of AttackIQ Inc., told SiliconANGLE that the indictments were a step in the right direction as the blatant theft of IP and other sensitive data is unacceptable.

“Despite these indictments, prosecutions are unlikely given that the hackers are Chinese residents and extraditions are a rarity,” Wright said. “These charges will restrict the international travels of those named in the filing and will send a warning to those who have not been named, potentially deterring motivation for future attacks against the United States.”

Jonathan Bensen, interim chief information security officer and director of product management at Balbix Inc., notes that the indictments have effectively scrubbed the bilateral agreement between the United States and China in 2015 that called for a truce against hostile cyberattacks and espionage.

“We have seen Chinese hackers target aviation, space and satellite, manufacturing, pharmaceutical, oil and gas, communications, computer processor and maritime technology companies in the United States,” he said. “These hacks have even breached names, dates of birth, email addresses, salary information and Social Security numbers of more than 100,000 United States Navy personnel this year. Regardless of these indictments, we will likely see more nation-state backed cyber attacks come to light in 2019 around the globe.”

Priscilla Moriuchi, director of strategic threat development at Recorded Future Inc., said the indictments send three specific messages to Beijing.

“First, they continue to draw a clear line for China regarding what type of behavior is and is not acceptable for states to conduct in cyberspace,” she said. “In particular, that leveraging government and military resources to conduct cyber operations in order to steal intellectual property from private companies is unacceptable.”

Second, she added, they signal that attacking and undermining critical internet backbone infrastructure to gain access to sensitive data and enable secondary intrusions is also unacceptable. And third, they indicate that the U.S. government continues to take the theft of personally identifiable information of U.S. citizens very seriously.

Image: FBI