One of the most ominous mysteries surrounding the massive Equifax hack in 2017 — that the stolen data does not appear to have been used for any crimes — has apparently been solved. The U.S. Justice Department said on Monday that the Chinese government was behind the notorious hack, indicting four members of the Chinese military for the attack, which impacted roughly half of U.S. adults.
China is hoarding the stolen data for some future, more serious research or intelligence use, the U.S. government alleges.
The accusation brings out into the open a festering digital cold war between the two superpowers, and openly alleges what many cybersecurity observers have long suspected: that China is building a vast database of personal information on millions of U.S. citizens. The Equifax hack follows similar hacks of the federal government’s Office of Personnel Management and health insurer Anthem. Combining information from these various hacks, a state actor would be able to build highly accurate dossiers on millions of Americans. The data could be used for both commercial and military purposes — as a testbed for artificial intelligence applications, or hoarded for intelligence agency usage later.
“For years, we have witnessed China’s voracious appetite for the personal data of Americans,” Attorney General William Barr said at a Monday press conference. “This data has economic value, and these thefts can feed China’s development of artificial intelligence tools as well as the creation of intelligence targeting packages.”
Barr alleged the data theft by a Chinese military operation was particularly egregious because it targeted non-military victims.
“We do not indiscriminately violate the privacy of ordinary civilians,” Barr said.
There were a few new details in the indictment about how the hack occurred (a topic I explored in depth in our Equifax hack podcast). The indictment alleges that the four hackers used sophisticated techniques to hide their tracks. For example, they used 34 servers in 20 countries to infiltrate the Equifax network. Once there, they blended in with normal network activity by using existing encrypted communications channels within Equifax servers. As is customary, they covered their tracks: they created compressed database files before exfiltrating the stolen data, deleted those files when they left, and wiped server logs clean.
David Bowdich, the deputy director of the F.B.I., said officials have not yet found evidence that the Chinese government has used the data from the Equifax hacking.
The indictment blames Beijing residents Wu Zhiyong, Wang Qian, Xu Ke and Liu Le for the attack. The four face charges of conspiracy, computer fraud and abuse, economic espionage and wire fraud.