US charges China-based hacking group for massive 2015 Anthem breach

The Justice Department's four-count indictment charges two members of the group.

Four years after hackers committed one of the worst data breaches in history, the US Justice Department has charged a "sophisticated China-based hacking group" with the attacks. An indictment released yesterday charges two members of the group, Fuji Wang and another listed as John Doe, with four counts of conspiracy and intentional damage. According to the indictment, Wang and Doe allegedly broke into and stole data from computer networks in four distinct business sectors. The most high-profile hit was the 2015 Anthem breach, in which prosecutors say the hackers stole personal information from nearly 80 million people.

Wang and Doe reportedly used "extremely sophisticated techniques," including specially tailored spear-phishing emails with embedded hyperlinks. When employees of the targeted businesses clicked the hyperlinks, a file downloaded and deployed malware, which created a backdoor to the computer systems. In some cases, the defendants waited months before taking further action. Then, they allegedly encrypted the stolen files and sent them through multiple computers to servers in China.

When the Anthem attack occurred, the company was quick to detect it and to alert the FBI. That was a key factor in being able to determine who was responsible and "should serve as an example to other organizations that might find themselves in a similar situation," said Special Agent in Charge Grant Mendenhall. The Justice Department says it will aggressively prosecute perpetrators of hacking schemes like these. However, the charges in this indictment are merely allegations, and Wang and Doe are presumed innocent until proven guilty.