The U.S. Department of Justice has charged seven APT31 hackers, but catching them could be a problem

The U.S. Department of Justice has unveiled an indictment against seven Chinese nationals believed to be operating within a China-backed hacking group called Advanced Persistent Threat 31 (APT31). The hackers are said to have been involved with the group since 2010 and have targeted U.S. businesses and politicians, as well as those perceived to be critical of China.

The defendants are 38-year-old Ni Gaobin, 37-year-old Weng Ming, 34-year-old Cheng Feng, 38-year-old Peng Yaowen, 38-year-old Sun Xiaohui, 35-year-old Xiong Wang and 38-year-old Zhao Guangzong. A major problem the United States will face in arresting these individuals is that they are all believed to be in China and supported by the Chinese government.

Commenting on the development, Attorney General Merrick B. Garland said:

"The Department of Justice will not tolerate the Chinese government intimidating Americans who serve the public, suppressing dissidents protected by U.S. law, or stealing from American businesses.
"This case reminds us that the Chinese government will stop at nothing to target and intimidate its critics, including launching malicious cyber operations designed to threaten the national security of the United States and our allies."

Outlining the damage caused by the group, the Justice Department said APT31 has targeted thousands of U.S. and foreign individuals and companies. These attacks resulted in successful compromises of targeted networks, email accounts, cloud storage accounts, and phone call records. In cases where email accounts are compromised, surveillance is said to continue for years.

In addition to the US authorities, the British government has also accused APT31 of carrying out cyber attacks on British institutions and individuals "important to our democracy". The UK's National Cyber Security Center (part of GCHQ) said the group was likely behind an online reconnaissance campaign targeting the email accounts of UK Members of Parliament (MPs) in 2021.

As well as targeting MPs critical of China, the country is also believed to have hacked into the UK Electoral Commission's computers between 2021 and 2022. The attackers likely obtained email data and electoral register data during this time period.

While those indicted are safe in China, traveling abroad can be dangerous as they could be arrested by authorities and extradited to the United States.

Source: U.S. Department of Justice, National Civil Service Commission