Chinese National Charged For Anthem Breach

Today in Security: Chinese National Charged For Anthem Breach

​​A U.S. federal grand jury indicted a Chinese national for his alleged role in the Anthem health insurance data breach that affected more than 78 million people.

The U.S. Department of Justice (DOJ) announced charges against Fujie Wang, 32, and other members of a hacking group on Thursday, alleging that they hacked into the computer systems of Anthem and three other U.S. businesses without authorization. After gaining access to the systems, they installed malware and other tools to identify and steal personally identifiable information (PII) and confidential business information.

​“The allegations in the indictment unsealed today outline the activities of a brazen China-based computer hacking group that committed one of the worst data breaches in history,” said Assistant Attorney General Brian A. Benczkowski in a statement. “These defendants allegedly attacked U.S. businesses operating in four distinct industry sectors, and violated the privacy of over 78 million people by stealing their PII. The Department of Justice and our law enforcement partners are committed to protecting PII, and will aggressively prosecute perpetrators of hacking schemes like this, wherever they occur.”

The DOJ also credited Anthem for its assistance. FBI Special Agent in Charge Grant Mendenhall said that Anthem’s decision to quickly notify the FBI of the network breach was a “key factor in being able to determine who was responsible.”

Wang is charged with one count of conspiracy to commit fraud and related activity in relation to computers and identity theft, one count of conspiracy to commit wire fraud, and two substantive counts of intentional damage to a protected computer.

Wang resides in Shenzhen, China, which does not have an extradition agreement with the United States. The charges against him add to the tension between the two nations, which are in the midst of high-stakes trade negotiations about Chinese business practices.

​“The Trump administration raised tariffs on $200 billion in imported products from China at 12:01 a.m. ET Friday, significantly raising the stakes in the ongoing trade dispute with Beijing,” according to NPR.

China has faced ongoing criticism for hacking into businesses to steal intellectual property and confidential business information. In 2015, Chinese President Xi Jinping met with U.S. President Barack Obama to agree that neither country’s government would engage in cyber economic espionage to steal trade secrets to pass them on to domestic companies.

“China and the United States are two major cyber countries and we should strengthen dialogue and cooperation,” Xi said in a press conference following the agreement. “Confrontation and friction are not made by choice for both sides.”

Since Obama left office, however, that agreement appeared to deteriorate with China resuming its hacking efforts against the United States.

“China’s actually backed off quite a bit on intellectual property theft, but when it comes to military trade secrets, military preparedness, military readiness, satellite communications, anything that involves the U.S.’s ability to keep a cyber or military edge, China has been very heavily focused on those targets,” said David Kennedy, CEO of Binary Defense Systems, in an interview with WIRED.