CHINA-US: US CHARGES AND NAMES TWO CHINESE HACKERS ON DECEMBER 20

Deputy Attorney General Rod J. Rosenstein, U.S. Attorney Geoffrey S. Berman for the Southern District of New York, Director Christopher A. Wray of the FBI, Director Dermot F. O’Reilly of the Defense Criminal Investigative Service (DCIS) of the U.S. Department of Defense, and Assistant Attorney General for National Security John C. Demers on December 20 unsealed an indictment charging Zhu Hua (朱华), aka Afwar, aka CVNX, aka Alayos, aka Godkiller; and Zhang Shilong (张士龙), aka Baobeilong, aka Zhang Jianguo, aka Atreexp, both PRC nationals, with conspiracy to commit computer intrusions and conspiracy to commit wire fraud. Zhu Hua and Zhang Shilong were members since 2016 of a hacking group operating in China known within the cyber security community as Advanced Persistent Threat 10 (the APT10 Group). The defendants worked for a company in China called Huaying Haitai Science and Technology Development Company (Huaying Haitai) and acted in association with the Chinese Ministry of State Security’s Tianjin State Security Bureau.

Zhu Hua, Zhang Shilong and their co-conspirators in the APT10 Group were accused of having successfully obtained unauthorised access to the computers of more than 45 technology companies and U.S. Government agencies based in at least 12 states, including Arizona, California, Connecticut, Florida, Maryland, New York, Ohio, Pennsylvania, Texas, Utah, Virginia and Wisconsin. The APT10 Group stole hundreds of gigabytes of sensitive data and information from the victims’ computer systems, including from at least the following victims: seven companies involved in aviation, space and/or satellite technology; three companies involved in communications technology; three companies involved in manufacturing advanced electronic systems and/or laboratory analytical instruments; a company involved in maritime technology; a company involved in oil and gas drilling, production, and processing; and the NASA Goddard Space Center and Jet Propulsion Laboratory.

In addition to those victims who had information stolen, Zhu, Zhang, and their co-conspirators successfully obtained unauthorised access to computers belonging to more than 25 other technology-related companies involved in, among other things, industrial factory automation, radar technology, oil exploration, information technology services, pharmaceutical manufacturing, and computer processor technology, as well as the U.S. Department of Energy’s Lawrence Berkeley National Laboratory. Finally, the APT10 Group is said to have compromised more than 40 computers in order to steal sensitive data belonging to the Navy, including the names, Social Security numbers, dates of birth, salary information, personal phone numbers, and email addresses of more than 100,000 Navy personnel.

(Comment: The APT10 Group is also known as “Red Apollo,” “CVNX,” “Stone Panda,” “MenuPass,” and “POTASSIUM.”)







Centre for China Analysis and Strategy, A-50, Second Floor, Vasant Vihar, New Delhi-110057
Tel: 011 41017353
Email: office@ccasindia.org