Two Chinese nationals were charged with participating in a global hacking campaign that targeted the U.S. government and military — and stole the personal information of more than 100,000 Navy personnel, the Justice Department said Thursday.
Zhang Shilong and Zhu Hua, also known as "Godkiller," worked with an extensive network of Chinese hackers to infiltrate dozens of government agencies, private companies including oil and gas firms, NASA and the U.S. Attorney's Office in the Southern District of New York, according to a three-count indictment.
The Navy was particularly hard hit. The group succeeded in stealing the "personally identifiable information" of more than 100,000 Navy personnel, including social security numbers, dates of birth and salary information, the indictment says.
Let our news meet your inbox. The news and stories that matters, delivered weekday mornings.
Working with the Chinese government, the defendants' hacking network managed to gain access to at least 90 computers belonging to U.S. government agencies, as well as commercial and defense technology companies, located in at least 12 states stretching from California to New York, the court papers say.
"The indictment alleges that the defendants were part of a group that hacked computers in at least a dozen countries and gave China's intelligence service access to sensitive business information," Deputy Attorney General Rod Rosenstein said in a statement. "This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow the international rules in return for the privilege of participating in the global economic system."
The hacking group, known in the cybersecurity community as Advanced Persistent Threat 10 or "Stone Panda" and "POTASSIUM," stole "hundreds of gigabytes of sensitive data and information" in the campaign that started in 2006. The hackers used a technique known as "spear-fishing," sending emails with attachments that would surreptitiously install malware if opened, to gain access to usernames and passwords, the indictment says.
The hackers hit U.S. companies in such fields as aviation, communications technology, and oil and gas drilling, according to the indictment.
The group also stole data from an array of firms based in countries such as Brazil, France, Germany, Japan, the U.K. and the United Arab Emirates, the court papers say.
Shilong and Hua worked for the Huaying Haitai Science and Technology Development company and in association with the Chinese Ministry of State Security's Tianjin State Security Bureau, the court papers say.
The members of their hacking network worked in an office environment in the northeastern city of Tianjin and engaged in hacking operations during normal business hours, according to the indictment.
The pair, who remain on the lam, were charged with conspiracy to commit computer intrusions, conspiracy to commit wire fraud and aggravated identity theft.
"It is galling that American companies and government agencies spent years of research and countless dollars to develop their intellectual property, while the defendants simply stole it and got it for free," said Geoffrey Berman, the U.S. Attorney in Manhattan. "As a nation, we cannot, and will not, allow such brazen thievery to go unchecked."
Tom Winter is a New York-based correspondent covering crime, courts, terrorism and financial fraud on the East Coast for the NBC News Investigative Unit.
Rich Schapiro is a reporter for the NBC News Investigative Unit.