Uncle Sam accuses Chinese pair of romping through Anthem's servers for almost a year

Fujie charged with killing them softly with his scripts. And by them, we mean, the health insurance giant's computers

US prosecutors today formally accused two people of being part of a Chinese hacking crew responsible for one of the biggest cyber-heists in American history.

Fujie "Dennis" Wang and another John Doe defendant face charges of conspiracy to commit fraud and related activity in relation to computers and identity theft, conspiracy to commit wire fraud, and intentional damage to a protected computer.

The pair were said to be members of a Chinese crew that targeted four US businesses, including health insurance giant Anthem, in hopes of harvesting business and personal information from databases. They would eventually make off with the personal information of more than 70 million people from the insurance biz, it was alleged.

According to an indictment (PDF) filed this week, Wang and the other hackers used spear-phishing operations to gain access to PCs on the target networks. From there, they worked their way to servers containing patient databases, it was claimed.

The pilfered records, which included social security numbers, contact details, and employee documents, were then encrypted and sent to an external server via Citrix ShareFile before the hackers wiped the Anthem machines to cover their tracks, we're told. The indictment was filed in the Southern District Court of Indiana, where Anthem is based.

Wang is said to have set up the servers, hosted in California and Arizona, used for the attack. According to the indictment, the team first penetrated Anthem on February 18, 2014, and continued for almost a year until January 25, 2015.

The network intrusion would end up costing Anthem $115m in 2017 in a class-action lawsuit, the largest ever data loss settlement at the time.

"The allegations in the indictment unsealed today outline the activities of a brazen China-based computer hacking group that committed one of the worst data breaches in history," said assistant Attorney General Brian Benczkowski.

"These defendants allegedly attacked US businesses operating in four distinct industry sectors, and violated the privacy of over 78 million people by stealing their PII [personally identifiable information]."

In addition to Anthem, the Chinese crew was accused of carrying out similar heists against three other unnamed US companies. Those three businesses operated in the technology, basic materials, and communications sectors, respectively.

Indicting Wang and the other members of the group will be the easy part for US authorities. In order to bring the defendants before a judge, investigators will need to identify the crew (aside from Wang), make arrests, and extradite them from China to the US.

Considering the current state of relations between the two countries, the alleged hackers will hardly be losing sleep over their chances of detention and trial. ®


Biting the hand that feeds IT © 1998–2022