Get the Global IP Investigations and Enforcement Perspective


Arsenal Employed by Chinese State IP Thieves Have No Moral Limits

Historically, state-sponsored IP thieves have used legitimate-looking domains and email addresses to trick victims into opening an email and link that gives the thief access to the infrastructure of an institution’s network.

We call that trick “impersonation.”

But what if the email or domain is legitimate?

In other words, what if the IP thieves have gained the cooperation of insiders of that institution, thereby permitting the thieves to use that institution’s credentials to convince you of its legitimacy?

That we call something else. That we call “conspiracy.”

Well, that’s one of many things the Chinese state-sponsored IP thieves did (along with their co-conspirators) as detailed in a July 19, 2021, U.S. Department of Justice (DOJ) announcement:

“Four Chinese Nationals Working with the Ministry of State Security Charged with Global Computer Intrusion Campaign Targeting Intellectual Property and Confidential Business Information… Alleges Three Defendants Were Officers in the Hainan State Security Department (HSSD), a provincial arm of China’s Ministry of State Security (MSS).”

Typical of “impersonation” is what the IP thieves in this indictment did over the years:

“Members of the conspiracy registered and used malicious and deceptive web domains to store malware until it was used on a particular system, to send spear-phishing emails to intended victims, to store data stolen from victims, and as command and control domains for the purpose of controlling malware.”

But the IP thieves did not just rely on deceptive web domains:

“As alleged, the charged MSS officers coordinated with staff and professors at various universities in Hainan and elsewhere in China to further the conspiracy’s goals.

“Not only did such universities assist the MSS in identifying and recruiting hackers and linguists to penetrate and steal from the computer networks of targeted entities, including peers at many foreign universities, but personnel at one identified Hainan-based university also helped support and manage Hainan Xiandun as a front company, including through payroll, benefits and a mailing address.”

FINAL THOUGHT

Chinese state hackers conspiring with Chinese educational institutions to steal.

Let that sink in.

Of course, none of this surprises us.

U.S. Officials Indict Four Chinese Nationals for State Sponsored Hacking

Disclaimer: IPProbe.Global is a service to the professional IP community. While every effort has been made to check information in this blog, we provide no guarantees or warranties, express or implied, regarding the content provided in IPProbe.Global. We disclaim all liability and responsibility for the qualification or accuracy of representations made by the contributors or for any disputes that may arise. It is the responsibility of the readers to independently investigate and verify the credentials of such persons and the accuracy and validity of the information provided by them. This blog is for general information only and not intended to provide legal or other professional advice.


Ron Alvarez is an IP Investigations / Protection writer and licensed private investigator in New York City. He is a former NYPD lieutenant where he investigated robbery, narcotics, internal affairs, and fine art theft cases. Ron is a graduate of the FBI National Academy and earned a B.A. in Government and Public Administration from John Jay College of Criminal Justice in Manhattan. He has published a number of articles on various investigative topics for PI Magazine. Ron is certified by the Interpol-International IP Crime Investigators College (IIPCIC) as a "Transnational and Organized Crime Intellectual Property (IP) Investigator."

1 comment on “Arsenal Employed by Chinese State IP Thieves Have No Moral Limits”

  1. THOMAS MANLEY

    Thank you Ronald
    Seems True. No Limits. No Ethics. No Morals
    USA must invoke Vigilance
    Thank You
    Tom Manley, Special agent, FBI-Retired

