U.S. arrests Chinese citizen for ‘Sakula’ cyberattacks

Newsletter

A summary of the top news in Chinese politics and current affairs for August 25, 2017. Part of the daily SupChina newsletter, a convenient package of China’s business, political, and cultural news delivered to your inbox for free. Subscribe here.

Brazilian Institutional Security Minister Sergio Etchegoyen, Indian National Security Advisor Ajit Doval, South African Minister of State Security David Mahlobo and Russian Security Council Secretary Nikolai Patrushev meet with Chinese President Xi Jinping and other Chinese officials a the Great Hall of the People in Beijing, China July 28, 2017. REUTERS/Ng Han Guan/Pool

In 2015, U.S.-China relations were shaken by revelations that American government computers, as well as the systems of several private insurance companies, had been hacked in years prior dating back to 2012. The American government blamed Chinese hackers for the attacks, an accusation the Chinese government called “irresponsible and unscientific.”

Now, over two years since those revelations, the U.S. Justice Department has arrested a 36-year-old Chinese citizen, Yu Pingan, for “conspiring with two other Chinese nationals to hack the computer networks of three unnamed companies in the United States,” the New York Times reports (paywall). The Times notes that the arrest is “one of the first brought against a Chinese national since a 2015 agreement between President Barack Obama and President Xi Jinping of China to refrain from computer-related theft of industrial trade secrets.”

The hacking tool that the Justice Department linked Yu to was known as “Sakula,” a program that the FBI says was used to obtain the personal information of 21.5 million U.S. government workers and even job applicants, CNN notes. While Yu was not arrested explicitly for the hacking of U.S. government assets, the Justice Department appears to have identified him as “among a small group of hackers using the malicious code” that was deployed against the U.S. government, the Times says.

It is the first high-profile indictment of a Chinese citizen by the U.S. since the 2014 indictment of five members of a Shanghai-based People’s Liberation Army unit. Those hackers were never turned over to the U.S. government; Yu Pingan was apprehended at the Los Angeles airport when he came stateside for a conference.