Individuals connected to cyber espionage also present

Oct 16, 2014 11:38 GMT

The FBI has resorted to publicizing a list of cybercriminals who have been indicted for cyber offenses ranging from identity theft, computer fraud, hacking and wire fraud to distribution and creation of malware.

After compiling information in its database, the Bureau created the Cyber’s Most Wanted section on its public website.

Members of the Chinese People’s Liberation Army included on the list

First on the list is John Gordon Baden, with a monetary reward of $5,000 / €4,000 offered for information leading to his capture. This is not the largest bounty offered by the FBI, as the reward in the case of other individuals reaches $50,000 / €39,000.

Evgeniy Bogachev, the individual indicted for the creation of the Zeus botnet that stole financial information from victimized computers, is second on the list.

The next three places are occupied by members of the Chinese People’s Liberation Army (PLA) active in Unit 61398, an advanced persistent threat (APT) division believed to be behind multiple cyber-espionage activities against organizations around the world.

Each of the PLA members (Sun Kailiang, Huang Zhenyu and Wen Xinyu) has been indicted on 31 criminal counts, including economic espionage and theft of trade secrets.

As per the FBI’s summary of the offenses, “each provided his individual expertise to an alleged conspiracy to penetrate the computer networks of six American companies while those companies were engaged in negotiations or joint ventures or were pursuing legal action with, or against, state-owned enterprises in China.”

The list of the most wanted cyber offenders continues with individuals involved in selling fraudulent software in more than 60 countries (Bjorn Daniel Sundin and Shaileshkumar P. Jain) or in breaking into the accounts of a major investment services company (Alexandr Sergeyevich Bobnev).

Reports of cyber-attacks hailing from China increase

In recent news, multiple security firms joined forces to crack down on a cyber-espionage group believed to have operated out of China for at least four years.

Working under the name Operation SMN, the companies used collective intelligence to connect the dots between various attacks orchestrated by a group Symantec calls Hidden Lynx.

They uncovered a set of backdoor and Trojan programs that were used to penetrate the defenses of public infrastructure providers and government organizations in the US and Asia. The malware was also employed for lateral movement across the network and for exfiltrating sensitive information.

Although only private companies were involved in the project, the FBI was probably provided with information about the methodology and tools used by the group. As a result, the Bureau sent a warning on Wednesday to different companies about cyber-attacks believed to originate from China.

According to Reuters, the alert included descriptions of the tools and methods employed by the attackers to reach their goal. The news agency obtained a copy of the document, which included details about “a group of Chinese government affiliated cyber actors who routinely steal high-value information from U.S. commercial and government networks through cyber espionage.”