Opinion | Charges against Chinese nationals are likely only the beginning of a US ramp-up in legal action against China-based hackers

The announcement of charges against two Chinese nationals by the US Department of Justice earlier this year in connection with various alleged computer intrusion crimes might seem like yet another salvo in the growing cold war between Beijing and Washington.

But it’s part of something much greater. The United States appears to be working to find a way to deter, and build an international norm against, state-backed espionage against private companies. The indictment of the Chinese nationals is part of a broader pattern being undertaken by the Trump administration, iterating on the previous administration’s softer approach that had favoured diplomacy over hitting wrongdoers with criminal charges.

On December 20, US Deputy Attorney General Rod J. Rosenstein announced the criminal indictment of two individuals – Zhu Hua and Zhang Shilong – who were alleged to be part of a China-based hacking group known to the information security community as APT10 – an acronym for “advanced persistent threat”, a type of cyberattack in which the attacker gains and maintains unauthorised access to a targeted network.

“We want China to cease illegal cyber activities and honour its commitment to the international community, but the evidence suggests that China may not intend to live up to its promises,” Rosenstein said.

This latest indictment must be placed in context to be fully understood. The charges against the two named individuals allegedly affiliated with APT10 come after the US Justice Department unsealed complaints against Russian hackers, Iranian hackers and Park Jin Hyok, a North Korean hacker who, along with the Reconnaissance General Bureau, was involved in the 2014 hack against Sony Pictures Entertainment and other major attacks, including the global WannaCry ransomware attack.