The United States and the United Kingdom have taken significant action against a group of China-linked hackers accused of targeting critical infrastructure in the U.S. The coordinated effort involves indictments, sanctions, and a rewards program aimed at thwarting the activities of these cyber operatives. The U.S. Department of Justice has unsealed indictments against several individuals, including Zhao Guangzong and Ni Gaobin, believed to be connected to the Wuhan Xiaoruizhi Science and Technology Company, Limited (Wuhan XRZ), suspected to be a front for the Chinese Ministry of State Security (MSS). Additionally, the Office of Foreign Assets Control (OFAC) has sanctioned Wuhan XRZ and the two Chinese nationals for their roles in the cyber operations, which pose a direct threat to national security.
The hackers are affiliated with the state-sponsored Advanced Persistent Threat group 31 (APT 31), known for sophisticated cyber espionage campaigns. The sanctions imposed by OFAC under Executive Order (E.O.) 13694, amended by E.O. 13757, limit the ability of the targeted individuals and entities to access the U.S. financial system. This joint action by the U.S. Department of Justice, the FBI, the Department of State, and the UK Foreign, Commonwealth & Development Office (FCDO) underscores a unified stance against cyber threats and aims to deter future malicious cyber activities.
In addition to sanctions, the U.S. Department of State has announced a Rewards for Justice offer, seeking information on the indicted individuals, organizations, or associated entities to prevent future cyber-attacks and bring perpetrators to justice. The sanctions and rewards program aim to signal to potential cyber actors that such actions will have serious consequences and demonstrate a commitment to protecting critical infrastructure and national security. This collaborative effort emphasizes the importance of international cooperation in addressing the escalating challenge of state-sponsored cyber threats.
