It Was The Chinese Army That Hacked Equifax

US has charged four Chinese military officers for cyber-attacks on credit rating giant Equifax in 2017 and stealing the personal information of about 145 million Americans. Millions of Canadian and British customers were also affected by the cyber-attack, which has been described as one of the largest data breaches in history.

Between May and the end of July 2017, the hackers stole 145.5 million social security numbers and 209,000 payment card numbers and expiration dates as well as names and addresses and Equifax’s company secrets, according to US Law Enforcement officials.

The charges against the men include conspiracy to commit computer fraud, conspiracy to commit economic espionage and conspiracy to commit wire fraud.In an indictment handed up by a grand jury in Atlanta, the men face nine counts including conspiracy to commit computer fraud and conspiracy to commit economic espionage. 

Attorney General William Barr, who announced the charges, called it the latest example of what he said was a sweeping campaign by China's government to steal seemingly endless amounts of data from the United States. "Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets and other confidential information," Barr said.

Equifax, which is based in Atlanta, compiles information on millions of Americans as part of the loan and finance system. Last year, it paid up to $700 million in fines and monetary relief to consumers.
The four men who have been charged are members of the 54th Research Institute of the People's Liberation Army, according to the indictment. 

Cyber Attack Access
The defendants illegally accessed Equifax's network through a vulnerability in the company's online dispute portal, prosecutors say. Once inside the system, they vacuumed up names, birth dates and social security numbers for 145 million Americans, nearly half of all Americans. They stole credit card numbers and other information for some 200,000 Americans as well as Equifax trade secrets, the indictment says."For years, we have witnessed China's voracious appetite for the personal data of Americans, including the theft of personnel records from the Office of Personnel Management, the intrusion into Marriott Hotels and Anthem health insurance companies, and now the wholesale theft of credit and other information from Equifax," Barr said.

"This data has economic value," he added, "and these thefts can feed China's development of artificial intelligence tools, as well as the creation of intelligence targeting packages."

The FBI's deputy director, David Bowdich, said there's no indication at this point that the stolen information has been used, including to target U.S. government officials. Prosecutors say the hackers tried to cover their tracks to avoid detection by routing their work through around 34 servers located in nearly 20 countries.

Cyber War 
The charges recently announced are the latest against Chinese or China-linked defendants in a string of Justice Department prosecutions, part of what Barr and other officials call a huge wave of espionage activity, including economic, directed at the US. 

Equifax CEO Mark Begor said in a statement on Monday that his company has tried to keep pace with cybersecurity but the sophistication of threats like that posed by China would test any company, or other targets. "Combating this challenge from well-financed nation-state actors that operate outside the rule of law is increasingly difficult," he said. "Fighting this cyberwar will require the type of open cooperation and partnership between government, law enforcement and private business that we have experienced firsthand."

Equifax was also fined £500,000 by the UK’s Information Commissioner’s Office for failing to protect the personal information of up to 15 million British consumers.

One year after the attacks Equifax reportedly spent more than £1 billion in clean-up costs and to overhaul its information security programme.As well as financial reimbursement, the company must also provide all of its US customers with six free credit reports every year for seven years.

NPR:     The Week:         DIGIT:      BBC:        Washington Examiner

You Might Also Read: 

The Financial Services Industry Just Does Not Get It:

Equifax: Insider Trading Charges:

 

 

« Cyber Attacks On Banks Could Trigger Financial Crisis
Labour Party Risks £15m Fine For Not protecting Members' Data »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BehavioSec

BehavioSec

BehavioSec uses the way your customers type, swipe, and hold their devices, and enables them to authenticate themselves through their own behavior patterns.

National Security Authority (NBU) - Slovakia

National Security Authority (NBU) - Slovakia

The National Security Authority (NBU) is the central government body in Slovakia for the Protection of Classified Information, Cryptographic Services, Trust Services and Cyber Security.

Idaho National Laboratory (INL)

Idaho National Laboratory (INL)

INL is an applied engineering laboratory dedicated to supporting the US Dept of Energy's missions in energy research, nuclear science and national defense including critical infrastructure protection.

VXRL

VXRL

VXRL is a Hong Kong-based cybersecurity company. We provide consulting services, penetration testing, and corporate training.

Ridge Global

Ridge Global

Ridge Global works with C-suite executives and corporate directors to build more resilient organizations through innovative preparedness, protection, response and education capabilities.

Crypto International

Crypto International

Crypto International offers comprehensive services for the operation of our customers’ IT and communication infrastructure, with a focus on cybersecurity and encryption solutions.

Terralogic

Terralogic

Terralogic is a software and IT services company, an expert in IoT, Cloud, DevOps, App development and Cybersecurity.

Motorola Solutions

Motorola Solutions

Motorola Solutions build mission-critical services, software, video and analytics, backed by secure, resilient land mobile radio communications.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

CrowdSec

CrowdSec

CrowdSec is an open-source & participative IPS able to analyze visitor behavior by parsing logs & provide an adapted response to all kinds of attacks.

Feroot Security

Feroot Security

Feroot Security secures client-side web applications so that businesses can deliver a flawless user experience to their customers. Our products help organizations protect their client-side surface.

Flexxon

Flexxon

Flexxon is the industry leader to develop NAND flash storage devices. Our key focus is to innovate memory devices ensuring data security and reliability.

Firesand

Firesand

Based in Milton Keynes, Firesand Ltd provides penetration testing services to improve your cyber security and protect your company against hackers.

ZoobeTek

ZoobeTek

ZoobeTek are a company focused on preventing leaks related to the security of business information3.

Blackwire Labs

Blackwire Labs

Blackwire.ai is the first multidisciplinary cybersecurity advisor, powered by AI and trained by cybersecurity experts to enhance your team's capabilities and improve resilience.

Harmony Intelligence

Harmony Intelligence

Harmony builds cutting-edge defensive AI products that safeguard people and critical infrastructure around the world from AI-powered threats.