Speaking at the CyberNext security conference in Washington today, a top Department of Justice official explained the DOJ's recent proclivity for indicting members of foreign cyber-espionage units, something that no other country except the US has done until now.
The DOJ official's comments came after the US justice system has been recently heavily criticized for their actions.
Until now, members of government-backed hacking units have been considered off limits in terms of criminal prosecution, being awarded the same protections as intelligence officers and military combatants. Many legal experts argued that these "hackers" had not committed any crimes because they merely acted on orders received from superiors executing intelligence gathering operations.
But in recent years, the US has broken this unwritten rule among nations with cyber capabilities.
The first indictment came in 2014 when the US charged five Chinese hackers[1], members of Unit 61398 of the Third Department of the Chinese People's Liberation Army (PLA) for hacks against a slew of US government agencies and private companies (ATI, US Steel, SolarWorld, Westinghouse, others).
The US then charged another three Chinese hackers in 2017[2], claiming they hacked US companies on behalf of the Chinese state under the guise of Boyusec, a Chinese cyber-security company.
Then in March 2018, the US charged nine Iranian hackers[3] employed by the Mabna Institute. The DOJ claimed the nine hacked on behalf of Iran's Islamic Revolutionary Guard Corps.
The next indictment came in July 2018, when the US charged 12 Russian hackers for the DNC hack[4]. The indictment included charges against members of Unit 26165 of the Russian Main Intelligence Directorate (GRU), the country's foreign intelligence service.
Last month, the DOJ also indicted a