Abovfold: Created
{{Infobox government agency
| name = Hainan State Security Department
| native_name_a = {{zh|海南省国家安全厅}}
| type = department
| logo = China Ministry of State Security insignia.png
| logo_size = 180px
| logo_caption =
| image =
| image_size = 230px
| image_caption =
| formed = {{start date and age|1984|4}}
| preceding1 = Hainan Public Security Bureau counterintelligence
| jurisdiction = [[Hainan province]]
| headquarters = No. 176 Nanhai Avenue, [[Xiuying District]], [[Haikou]], Hainan, China<br/>{{Coord|19.99667|110.28133|display=inline,title}}
| employees = Classified
| budget = Classified
| chief1_name =
| chief1_position = Director
| parent_agency = [[Ministry of State Security (China)|Ministry of State Security]]
| website =
| parent_agency_type = ministry
}}
The '''Hainan State Security Department''' ('''HSSD'''; {{Zh|s=海南省国家安全厅}}) is a [[Provinces of China|provincial]] department of the Chinese [[Ministry of State Security (China)|Ministry of State Security]] responsible for [[national security]] and [[Secret police|secret policing]] in the contiguous island province of [[Hainan]], headquartered in [[Haikou]]. Members of the Hainan SSD have badge numbers with prefixes beginning with "46xxxx".<ref>{{Cite web |date=2020-01-16 |title=APT40 is run by the Hainan department of the Chinese Ministry of State Security |url=https://intrusiontruth.wordpress.co...nt-of-the-chinese-ministry-of-state-security/ |access-date=2023-12-06 |website=Intrusion Truth |language=en}}</ref> The HSSD is best known for operating the [[advanced persistent threat]] (APT) number 40.
== Advanced persistent threat actor ==
{{Main|APT40}}
The Hainan State Security Department is behind the [[advanced persistent threat]] known as [[APT40]].<ref name=":0">{{Cite web |date=2021-07-19 |title=Four Chinese Nationals Working with the Ministry of State Security Charged with Global Computer Intrusion Campaign Targeting Intellectual Property and Confidential Business Information, Including Infectious Disease Research |url=https://www.justice.gov/opa/pr/four...te-security-charged-global-computer-intrusion |access-date=2023-08-07 |website=[[United States Department of Justice]] |language=en}}</ref><ref name=":1">{{Cite news |last=Mozur |first=Paul |last2=Buckley |first2=Chris |date=2021-08-26 |title=Spies for Hire: China’s New Breed of Hackers Blends Espionage and Entrepreneurship (Published 2021) |language=en |work=[[The New York Times]] |url=https://www.nytimes.com/2021/08/26/technology/china-hackers.html |access-date=2023-08-07}}</ref><ref>{{Cite web |last=Khoury |first=Syrine |date=2021-07-19 |title=Statement on China’s cyber campaigns |url=https://www.canada.ca/en/global-affairs/news/2021/07/statement-on-chinas-cyber-campaigns.html |access-date=2023-12-06 |website=[[Global Affairs Canada]] |quote="APT 40 almost certainly consists of elements of the Hainan State Security Department’s regional MSS office. This group’s cyber activities targeted critical research in Canada’s defence, ocean technologies and biopharmaceutical sectors in separate malicious cyber campaigns in 2017 and 2018."}}</ref>
In May 2021, a US federal grand jury in [[San Diego]], [[California]], returned an indictment against four hackers of the Hainan SSD for hacking attributed to the Hainan Xiandun Technology Development Co., Ltd. (海南仙盾) (Hainan Xiandun), a since disbanded [[Front organization|front company]], to operate out of Haikou, Hainan Province.<ref name=":0" /><ref>{{Cite web |date=2021-07-20 |title=Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department {{!}} CISA |url=https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-200a |access-date=2023-08-07 |website=[[Cybersecurity and Infrastructure Security Agency]] |language=en}}</ref><ref>{{Cite web |date=19 July 2021 |title=UK and allies hold Chinese state responsible for a pervasive pattern of hacking |url=https://www.gov.uk/government/news/...esponsible-for-a-pervasive-pattern-of-hacking |access-date=2023-08-07 |website=[[Foreign, Commonwealth & Development Office]] |language=en}}</ref>
The two-count indictment alleged that Ding Xiaoyang ({{Zh|s=丁晓阳|labels=no}}), Cheng Qingmin ({{Zh|s=程庆民|labels=no}}) and Zhu Yunmin ({{Zh|s=朱允敏|labels=no}}), were HSSD officers responsible for coordinating, facilitating and managing computer hackers and linguists at Hainan Xiandun and other MSS front companies to conduct hacking for the benefit of China and its state-owned and sponsored instrumentalities. The indictment alleges that Wu Shurong ({{Zh|s=吴淑荣|labels=no}}) was a computer hacker who, as part of his job duties at Hainan Xiandun, created malware, hacked into computer systems operated by foreign governments, companies and universities, and supervised other Hainan Xiandun hackers.<ref name=":0" /><ref name=":1" />
=== Targets ===
APT40's campaigns have targeted a range of victims originating in the United States, [[Austria]], [[Cambodia]], [[Canada]], [[Germany]], [[Indonesia]], [[Malaysia]], [[Norway]], [[Saudi Arabia]], [[South Africa]], [[Switzerland]] and the [[United Kingdom]].<ref name=":0" /> Targeted industries included, among others, aviation, defense, education, government, healthcare, biopharmaceuticals and maritime.<ref name=":0" /><ref name=":1" />
Stolen trade secrets and confidential business information included, among other things, sensitive technologies used for [[Submersible|submersibles]] and [[Vehicular automation|autonomous vehicles]], specialty chemical formulas, commercial aircraft servicing, proprietary [[DNA sequencer|genetic-sequencing technology]] and data, and foreign information to support China’s efforts to secure contracts for state-owned enterprises within the targeted country (''e.g.'', large-scale high-speed railway development projects).<ref name=":0" />
In the most concerning instances, hackers from the Hainan SSD targeted research on [[Pathogen|highly pathogenic]] biological agents including [[Ebola]], [[MERS]], [[HIV/AIDS]], [[Marburg]] and [[tularemia]], several of which have been historically weaponized as [[biological warfare]] agents.<ref name=":0" /><ref name=":1" /><ref>{{Cite web |last=Cimpanu |first=Catalin |date=July 18, 2021 |title=US indicts four members of Chinese hacking group APT40 |url=https://therecord.media/us-indicts-four-members-of-chinese-hacking-group-apt40 |access-date=2023-08-07 |website=The Record}}</ref>
The indictment charged the Hainan MSS officers with coordinating [[Intelligence requirement|intelligence requirements]] with academics at universities in Hainan and elsewhere in China. Not only did such universities assist the MSS in identifying and recruiting hackers and linguists to penetrate and steal from the computer networks of targeted entities, including peers at many foreign universities, but personnel at one identified Hainan-based university also helped support and manage Hainan Xiandun as a front company, including through payroll, benefits and a mailing address.<ref name=":0" />
== List of directors ==
{| class="wikitable"
!Name
!Entered office
!Left office
!Time in office
!ref.
|-
|Xiong Fangming (熊方明)
|February 29, 2008
|2013
|5 years
|<ref>{{Cite web |title=海南省國家安全廳 - 怪猫的图书资源库 |trans-title=Hainan Provincial Department of State Security |url=http://biographicdb.fudan.edu.cn/bookstore/Units/Details/d3ddb48b-2199-4e58-b606-78fd9c832a63 |access-date=2023-08-10 |website=[[Fudan University]] |language=zh-CHN}}</ref>
|-
|Unknownf1
|2013
|March 31, 2015
|2 years
|
|-
|Chen Haijun (陈海军)
|March 31, 2015
|Unknown
|Unknown
|<ref>{{Cite web |title=Chen Haijun |url=https://baike.baidu.hk/item/陈海军/17039509 |access-date=2023-12-06 |website=百度百科}}</ref>
|}
== References ==
{{Reflist}}{{MSS|state=expanded}}
Okumaya devam et...
{{Infobox government agency
| name = Hainan State Security Department
| native_name_a = {{zh|海南省国家安全厅}}
| type = department
| logo = China Ministry of State Security insignia.png
| logo_size = 180px
| logo_caption =
| image =
| image_size = 230px
| image_caption =
| formed = {{start date and age|1984|4}}
| preceding1 = Hainan Public Security Bureau counterintelligence
| jurisdiction = [[Hainan province]]
| headquarters = No. 176 Nanhai Avenue, [[Xiuying District]], [[Haikou]], Hainan, China<br/>{{Coord|19.99667|110.28133|display=inline,title}}
| employees = Classified
| budget = Classified
| chief1_name =
| chief1_position = Director
| parent_agency = [[Ministry of State Security (China)|Ministry of State Security]]
| website =
| parent_agency_type = ministry
}}
The '''Hainan State Security Department''' ('''HSSD'''; {{Zh|s=海南省国家安全厅}}) is a [[Provinces of China|provincial]] department of the Chinese [[Ministry of State Security (China)|Ministry of State Security]] responsible for [[national security]] and [[Secret police|secret policing]] in the contiguous island province of [[Hainan]], headquartered in [[Haikou]]. Members of the Hainan SSD have badge numbers with prefixes beginning with "46xxxx".<ref>{{Cite web |date=2020-01-16 |title=APT40 is run by the Hainan department of the Chinese Ministry of State Security |url=https://intrusiontruth.wordpress.co...nt-of-the-chinese-ministry-of-state-security/ |access-date=2023-12-06 |website=Intrusion Truth |language=en}}</ref> The HSSD is best known for operating the [[advanced persistent threat]] (APT) number 40.
== Advanced persistent threat actor ==
{{Main|APT40}}
The Hainan State Security Department is behind the [[advanced persistent threat]] known as [[APT40]].<ref name=":0">{{Cite web |date=2021-07-19 |title=Four Chinese Nationals Working with the Ministry of State Security Charged with Global Computer Intrusion Campaign Targeting Intellectual Property and Confidential Business Information, Including Infectious Disease Research |url=https://www.justice.gov/opa/pr/four...te-security-charged-global-computer-intrusion |access-date=2023-08-07 |website=[[United States Department of Justice]] |language=en}}</ref><ref name=":1">{{Cite news |last=Mozur |first=Paul |last2=Buckley |first2=Chris |date=2021-08-26 |title=Spies for Hire: China’s New Breed of Hackers Blends Espionage and Entrepreneurship (Published 2021) |language=en |work=[[The New York Times]] |url=https://www.nytimes.com/2021/08/26/technology/china-hackers.html |access-date=2023-08-07}}</ref><ref>{{Cite web |last=Khoury |first=Syrine |date=2021-07-19 |title=Statement on China’s cyber campaigns |url=https://www.canada.ca/en/global-affairs/news/2021/07/statement-on-chinas-cyber-campaigns.html |access-date=2023-12-06 |website=[[Global Affairs Canada]] |quote="APT 40 almost certainly consists of elements of the Hainan State Security Department’s regional MSS office. This group’s cyber activities targeted critical research in Canada’s defence, ocean technologies and biopharmaceutical sectors in separate malicious cyber campaigns in 2017 and 2018."}}</ref>
In May 2021, a US federal grand jury in [[San Diego]], [[California]], returned an indictment against four hackers of the Hainan SSD for hacking attributed to the Hainan Xiandun Technology Development Co., Ltd. (海南仙盾) (Hainan Xiandun), a since disbanded [[Front organization|front company]], to operate out of Haikou, Hainan Province.<ref name=":0" /><ref>{{Cite web |date=2021-07-20 |title=Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department {{!}} CISA |url=https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-200a |access-date=2023-08-07 |website=[[Cybersecurity and Infrastructure Security Agency]] |language=en}}</ref><ref>{{Cite web |date=19 July 2021 |title=UK and allies hold Chinese state responsible for a pervasive pattern of hacking |url=https://www.gov.uk/government/news/...esponsible-for-a-pervasive-pattern-of-hacking |access-date=2023-08-07 |website=[[Foreign, Commonwealth & Development Office]] |language=en}}</ref>
The two-count indictment alleged that Ding Xiaoyang ({{Zh|s=丁晓阳|labels=no}}), Cheng Qingmin ({{Zh|s=程庆民|labels=no}}) and Zhu Yunmin ({{Zh|s=朱允敏|labels=no}}), were HSSD officers responsible for coordinating, facilitating and managing computer hackers and linguists at Hainan Xiandun and other MSS front companies to conduct hacking for the benefit of China and its state-owned and sponsored instrumentalities. The indictment alleges that Wu Shurong ({{Zh|s=吴淑荣|labels=no}}) was a computer hacker who, as part of his job duties at Hainan Xiandun, created malware, hacked into computer systems operated by foreign governments, companies and universities, and supervised other Hainan Xiandun hackers.<ref name=":0" /><ref name=":1" />
=== Targets ===
APT40's campaigns have targeted a range of victims originating in the United States, [[Austria]], [[Cambodia]], [[Canada]], [[Germany]], [[Indonesia]], [[Malaysia]], [[Norway]], [[Saudi Arabia]], [[South Africa]], [[Switzerland]] and the [[United Kingdom]].<ref name=":0" /> Targeted industries included, among others, aviation, defense, education, government, healthcare, biopharmaceuticals and maritime.<ref name=":0" /><ref name=":1" />
Stolen trade secrets and confidential business information included, among other things, sensitive technologies used for [[Submersible|submersibles]] and [[Vehicular automation|autonomous vehicles]], specialty chemical formulas, commercial aircraft servicing, proprietary [[DNA sequencer|genetic-sequencing technology]] and data, and foreign information to support China’s efforts to secure contracts for state-owned enterprises within the targeted country (''e.g.'', large-scale high-speed railway development projects).<ref name=":0" />
In the most concerning instances, hackers from the Hainan SSD targeted research on [[Pathogen|highly pathogenic]] biological agents including [[Ebola]], [[MERS]], [[HIV/AIDS]], [[Marburg]] and [[tularemia]], several of which have been historically weaponized as [[biological warfare]] agents.<ref name=":0" /><ref name=":1" /><ref>{{Cite web |last=Cimpanu |first=Catalin |date=July 18, 2021 |title=US indicts four members of Chinese hacking group APT40 |url=https://therecord.media/us-indicts-four-members-of-chinese-hacking-group-apt40 |access-date=2023-08-07 |website=The Record}}</ref>
The indictment charged the Hainan MSS officers with coordinating [[Intelligence requirement|intelligence requirements]] with academics at universities in Hainan and elsewhere in China. Not only did such universities assist the MSS in identifying and recruiting hackers and linguists to penetrate and steal from the computer networks of targeted entities, including peers at many foreign universities, but personnel at one identified Hainan-based university also helped support and manage Hainan Xiandun as a front company, including through payroll, benefits and a mailing address.<ref name=":0" />
== List of directors ==
{| class="wikitable"
!Name
!Entered office
!Left office
!Time in office
!ref.
|-
|Xiong Fangming (熊方明)
|February 29, 2008
|2013
|5 years
|<ref>{{Cite web |title=海南省國家安全廳 - 怪猫的图书资源库 |trans-title=Hainan Provincial Department of State Security |url=http://biographicdb.fudan.edu.cn/bookstore/Units/Details/d3ddb48b-2199-4e58-b606-78fd9c832a63 |access-date=2023-08-10 |website=[[Fudan University]] |language=zh-CHN}}</ref>
|-
|Unknownf1
|2013
|March 31, 2015
|2 years
|
|-
|Chen Haijun (陈海军)
|March 31, 2015
|Unknown
|Unknown
|<ref>{{Cite web |title=Chen Haijun |url=https://baike.baidu.hk/item/陈海军/17039509 |access-date=2023-12-06 |website=百度百科}}</ref>
|}
== References ==
{{Reflist}}{{MSS|state=expanded}}
Okumaya devam et...