美國司法部記者會：有關起訴PLA竊取美國公民資料

【縛雞之見】

美國人口3.28億人，其中18歲以上成年人佔77.6％，65歲以上佔16％。意思是工作人口約為61.6％。

3.28億人*61.6％＝2億人。1.5億人/2億人＝3/4，每4名美國成年工作人口，有3人的資料掌握在中國解放軍手中。有了這些資料，就會美國工作人口產生財務風險、政治風險。

包括以這些資料來驗證中國對美國人民行為模式的AI有效性。

美國人不要去中國比較保險，因為不知道會發生什麼事情。

另外，姓「許」的人，名字叫「可」，變成一般用語「許可」，沒有人在網路上找得到這個人。這個人，因此在網路中隱形。

Attorney General William P. Barr Announces Indictment of Four Members of China’s Military for Hacking into Equifax

Washington, DC ~ Monday, February 10, 2020

Remarks as Prepared for Delivery

Good morning.  I am here to announce the indictment of Chinese military hackers – specifically, four members of the Chinese People’s Liberation Army – for breaking into the computer systems of the credit-reporting agency Equifax, and for stealing the sensitive personal information of nearly half of all American citizens, and also Equifax’s hard-earned intellectual property.

This was one of the largest data breaches in history.  It came to light in the summer of 2017, when Equifax announced the theft.  The scale of the theft was staggering.  As alleged in the indictment, the hackers obtained the names, birth dates, and social security numbers of nearly 150 million Americans, and the driver’s license numbers of at least 10 million Americans.  This theft not only caused significant financial damage to Equifax, but invaded the privacy of many millions of Americans, and imposed substantial costs and burdens on them as they have had to take measures to protect against identity theft.

As described in the indictment, the hackers broke into Equifax’s network through a vulnerability in the company’s dispute resolution website.  Once in the network, the hackers spent weeks conducting reconnaissance, uploading malicious software, and stealing login credentials, all to set the stage to steal vast amounts of data from Equifax’s systems.  While doing this, the hackers also stole Equifax’s trade secrets, embodied by the compiled data and complex database designs used to store the personal information.  Those trade secrets were the product of decades of investment and hard work by the company.

Today’s announcement comes after two years of investigation.  According to the nine-count indictment handed down by a grand jury in Atlanta, four members of the Chinese People’s Liberation Army, or PLA – Wang Qian, Wu Zhiyong, Xu Ke, and Liu Lei – are alleged to have conspired to hack Equifax’s computer systems and commit economic espionage.  In doing so, they are alleged to have damaged Equifax’s computer systems and to have committed wire fraud.

This kind of attack on American industry is of a piece with other Chinese illegal acquisitions of sensitive personal data.  For years, we have witnessed China’s voracious appetite for the personal data of Americans, including the theft of personnel records from the U.S. Office of Personnel Management, the intrusion into Marriott hotels, and Anthem health insurance company, and now the wholesale theft of credit and other information from Equifax.  This data has economic value, and these thefts can feed China’s development of artificial intelligence tools as well as the creation of intelligence targeting packages.

In addition to thefts of sensitive personal data, our cases reveal a pattern of state-sponsored computer intrusions and thefts by China targeting trade secrets and confidential business information: hacks by a group known as APT 10, which worked in association with the Chinese Ministry of State Security, or MSS, to target managed service providers and their clients worldwide across industries; hacks by MSS intelligence officers who sought to steal intellectual property related to turbofan engines by using both insiders and computer operations, and; hacks by PLA officers who targeted victims in the nuclear power, metals, and solar products industries for the economic benefit of Chinese companies.  Indeed, about 80 percent of our economic espionage prosecutions have implicated the Chinese government, and about 60 percent of all trade secret theft cases in recent years involved some connection to China.

We do not normally bring criminal charges against the members of another country’s military or intelligence services outside the United States.  In general, traditional military and intelligence activity is a separate sphere of conduct that ought not be subject to domestic criminal law.  There are exceptions to this rule, of course.  For instance, we have brought charges against intelligence officers operating undercover in the United States.  And more recently, we have charged state-sponsored actors for computer intrusions into the United States for the purpose of intellectual property theft for the use of their private sector, bank robbery, and interfering with our democratic elections.  Like those cases, the deliberate, indiscriminate theft of vast amounts of sensitive personal data of civilians, as occurred here, cannot be countenanced.  

The United States, like other nations, has gathered intelligence throughout its history to ensure that national security and foreign policy decision-makers have access to timely, accurate, and insightful information.  But we collect information only for legitimate national security purposes; we do not indiscriminately violate the privacy of ordinary civilians.

Today’s indictment would not have been possible without the hard work of a dedicated team of FBI agents and federal prosecutors in Atlanta and here in Washington, D.C.  In addition, the Department’s Office of International Affairs provided valuable assistance in working with other nations to secure evidence located overseas.  Notably, Equifax cooperation throughout the investigation was critical to our development of the case.

I would like to now invite U.S. Attorney B. Jay Pak to provide remarks.