Chinese National Indicted on Hacking Charges Related to Anthem Breach--3rd Update
May 09 2019 - 7:04PM
Dow Jones News
By Dustin Volz
A Chinese national and an unnamed co-defendant were indicted on
Thursday on computer hacking charges related to a campaign to
breach large U.S. businesses, including the 2015 theft of data from
health insurer Anthem Inc., the Justice Department said.
Fujie Wang, 32 years old, and another individual were accused in
a four-count indictment of working for what prosecutors described
as "an extremely sophisticated hacking group operating in China,"
though they didn't name the group.
"The allegations in the indictment unsealed today outline the
activities of a brazen China-based computer hacking group that
committed one of the worst data breaches in history," said U.S.
assistant attorney general Brian Benczkowski in a statement.
In addition to Anthem, the hackers are accused of breaching at
least three other U.S. businesses, none of which were named in the
indictment.
Prosecutors were unable to find clear links between the attacks
and the Chinese state, according to people familiar with the case.
But the charges are the latest in a series of prosecutions to
emerge in recent months accusing either the Chinese government or
Chinese nationals of carrying out cyberattacks against U.S. companies, an
effort that has coincided with the Trump administration's tough
posture with Beijing over trade disputes. The FBI and Justice
Department have said that Chinese economic espionage, often driven
by cyberattacks, is a major strategic threat.
Cybersecurity experts and U.S. officials have long suspected
Chinese actors were responsible for the attack on Anthem, which
pilfered data like Social Security numbers, addresses and
employment information from nearly 80 million people. The
indictment didn't address whether the Chinese actors had a
connection with the Chinese government.
"There is no evidence that information obtained through the 2015
cyberattack targeting Anthem has resulted in fraud," a spokeswoman
for Anthem said.
The Anthem breach was one of the largest on record when it
surfaced, but has been eclipsed by several far larger cyberattacks
in the years since. The insurer agreed in 2017 to pay $115 million
to settle litigation related to the hack, which lawyers described
at the time as the largest settlement ever for a data breach. The
money was used to pay for two years of credit monitoring.
The indictment alleges the hackers engaged in sophisticated
techniques to hack into corporate networks, including through
so-called spear-phishing attacks, the practice of targeting
individuals by leveraging public information and posing as a known
or trustworthy sender. Once inside victims' computers, the hackers
are alleged to have "patiently waited months" before stealing
data.
The FBI released a wanted poster of Mr. Fujie, stating he was
known to reside in Shenzhen, China.
Prosecutors described a persistent, yearlong campaign to break
into U.S. corporate networks that began in February 2014 and was
geared toward harvesting personally identifiable information and
confidential business information. After seizing information on
victim networks, the defendants used encrypted archive files to
send the purloined data through multiple computers back to
destinations in China, in part by using the Citrix ShareFile
data-storage and transfer service, prosecutors said.
Once the data arrived back in China, the defendants deleted the
encrypted archive files to avoid detection, prosecutors said.
Investigators said they found evidence of an intrusion into
Anthem as early as May 2014. The other three companies, described
as part of the technology, basic-materials and
communications-services sectors, were hit in September 2014,
October 2014 and January 2015, according to the indictment.
FBI officials praised Anthem's cooperation during the
investigation.
"Because the victim companies promptly notified the FBI of
malicious cyber activity, we were able to successfully investigate
and identify the perpetrators," said Matt Gorham, the assistant
director of the FBI cyber division.
In 2015, the cybersecurity company ThreatConnect said it had
uncovered forensic links between Chinese state-sponsored
researchers and the hack of Anthem, supporting a view shared by
many other security experts and U.S. officials.
But prosecutors often encounter challenges compiling enough
declassified evidence to identify and charge hackers, and
discerning direct connections to a government is often the hardest
part of a cyber investigation, according to former U.S. officials
and security experts.
"We have seen incidents where criminals working for a state
security service have been in the systems carrying out their
criminal schemes while simultaneously serving the interests and
responding to tasking from a security service," said John
Hultquist, director of intelligence analysis at the cybersecurity
company FireEye.
--Aruna Viswanatha contributed to this article.
Write to Dustin Volz at dustin.volz@wsj.com
(END) Dow Jones Newswires
May 09, 2019 18:49 ET (22:49 GMT)
Copyright (c) 2019 Dow Jones & Company, Inc.