Chinese Hackers Behind Moody’s Cyberattack

Three individuals connected to a Chinese cybersecurity company have reportedly hacked automation company Siemens, software processing firm Trimble and bond credit rating business Moody’s Analytics in an attempt to steal business information.

According to a Monday (Nov. 27) report in Reuters, which cited U.S. prosecutors via an indictment that was unsealed in federal court in Pittsburgh, Pennsylvania, the three were charged with launching what prosecutors called “coordinated and unauthorized” attacks spanning from 2011 through 2017.

The Chinese hackers kept a close eye on the emails of an unnamed Moody’s economist, launched cyberattacks on Trimble and stole information from the transportation, technology and energy units of Siemens. The three, who are not yet in custody and were charged as individuals rather than state-sponsored hackers, infiltrated the companies’ networks via infected emails.

The prosecutors said the Chinese government is aware of the indictments.

The defendants were identified as Wu Yingzhuo, Dong Hao and Xia Lei, and were named as employees and associates of Guangzhou Bo Yu Information Technology Company, a cybersecurity firm based in China. A Trimble spokesperson said no client was impacted by the hack, while Siemens representatives weren’t immediately available to comment. Moody’s said it worked with investigators and, to its knowledge, no customer data or personal employee information was compromised in the hacks.

Soo C. Song, U.S. Special Attorney in Pittsburgh, noted arrest warrants had been issued.

“It is not an element or subject of this indictment that there is state sponsorship,” Song explained.

The indictment also refers to the Chinese hacking group that goes by “Gothic Panda” and has been active since September. The company has used cyberattacks to target aerospace and defense, chemical, energy, financial, healthcare, industrial and transportation firms in Britain, France, Hong Kong, the United States and other western nations, according to Adam Meyers, a researcher with cyber firm CrowdStrike.

The Chinese hackers were charged with using malware to gain access to confidential business information.