DOJ Press Conference Transcript September 16: Charges Against 5 Chinese Nationals

Speaker 1: (00:00) Attorney general, then we're going to be followed by the D.C. U.S. Attorney Michael Sherwin followed by the FBI David Bowdich and then assistant director in charge of the Washington field office FBI James Dawson. Also on stage but not speaking but available for Q&A is the assistant attorney general for national security John Demers. The way that the press conference will work is they will each come out and make brief remarks. We'll ask the operator to open the line for questions. Follow the operator's instructions on how to do that. All questions are coming in through the phone line because this is a virtual press conference. You'll get one question and if you need a follow-up just [inaudible 00:00:46] but we're probably not going to get through all of the questions in the initial phase of the press conference but we are doing immediately following the press conference when the principals leave and the cameras go down those on the phone line are welcome to remain behind for a case briefing and then we will get to all of your questions. So we're going to be back in about a minute so I'd like ... Operator, please keep the line open and we'll be right back and we'll go right into a start. Thank you. Jeff Rosen: (02:31) All right, well good morning. Thanks for being here today. I'm Jeff Rosen and with me are FBI Deputy Director David Bowdich, Assistant Attorney General for National Security John Demers, Acting U.S. Attorney for the District of Columbia Michael Sherwin, and Acting Assistant Director in charge of the FBI's Washington, D.C. Field Office James Dawson. We're here today to announce coordinated, wide-ranging actions to disrupt the malicious cyber activities of a group commonly referred to as Advanced Persistent Threat 41 or APT41 as well as a related international criminal enterprise involving APT41 actors. Jeff Rosen: (03:15) Cyber security experts have referred to APT41's activities as one of the broadest campaigns by Chinese cyber espionage actors in recent years. We are announcing today multiple efforts to disrupt these activities. First and foremost is that we have unsealed three indictments that collectively charge five Chinese nationals with computer hacking and charge two Malaysian nationals for helping some of those hackers target victims and sell the fruits of their hacking. Our charges allege two distinct categories of criminal conduct. First, as the core of APT41's computer hacking, the Chinese defendants targeted well over 100 victims worldwide in a variety of industries and sectors that are sadly part of the standard target list for Chinese hackers. These criminal acts were turbocharged by a sophisticated technique referred to as a supply chain attack in which the Chinese hackers compromised software that providers around the world had and modified the provider's code to install back doors that enabled further hacks against the software provider's customers. Second, and as an additional method of making money, several of the Chinese defendants compromised the networks of video game companies worldwide. That's a billion dollar industry and defrauded them of in-game resources. Two of the Chinese defendants stand accused with two Malaysian defendants of selling those resources on the black market through their illicit website. Jeff Rosen: (05:05) Now in addition to these unsealed indictments, I'm pleased to announce that through the cooperation of the Malaysian law enforcement authorities, the two Malaysian defendants were arrested on Sunday evening and now face extradition proceedings, so we have the indictments and two arrests, identifying those responsible and holding them to account is our primary mission but criminal investigation and prosecution alone are not enough to make the internet safer. Jeff Rosen: (05:38) So there's a third part of today's announcement. Specifically, in addition to these criminal charges and the two arrests, the Department of Justice and the FBI have been working with seven private sector partners, including Microsoft, Facebook, Google, Verizon Media and others to identify and neutralize the computer infrastructure that APT41 uses to conduct its crimes. Its virtual private servers, malware, malicious domains, and other tools. We have done this through a combination of public and private actions including technical measures to block this threat actor from accessing victims' computer systems, issuing a public safety announcement outlining their tactics, techniques and procedures to aid network defenders, and by taking control of or otherwise disabling their accounts pursuant to court orders and terms of service violations. Jeff Rosen: (06:43) The bottom line is that we have used every tool at the department's disposal to disrupt these APT41 activities. Now ideally, I would be thanking Chinese law enforcement authorities for their cooperation in the matter and the five Chinese hackers would now be in custody awaiting trial. Unfortunately, the record of recent years tells us that the Chinese Communist Party has a demonstrated history of choosing a different path, that of making China safe for their own cyber criminals as long as they help with its goals of stealing intellectual property and stifling freedom. Jeff Rosen: (07:22) Less than two months ago, Assistant Attorney General Demers was at this podium to announce an indictment in another hacking case in which the Chinese government tolerated the defendants' criminal activity because those defendants were willing to work on behalf of the Chinese intelligence services, and here we are again. In this case, one of the Chinese defendants is accused of boasting to a colleague that he was "very close to the Ministry of State Security and would be protected" unless something very big happens. The hacker and his associates agreed not to "touch domestic stuff anymore". We know the Chinese authorities to be at least as able as the law enforcement authorities here and in like-minded states to enforce laws against computer intrusions, but they don't do so. Jeff Rosen: (08:14) Know this. No country can be respected as a global leader while paying only lip service to the rule of law and without taking steps to disrupt brazen criminal acts like this. No responsible government knowingly shelters cyber criminals that target victims worldwide in acts of [inaudible 00:08:34] theft. Responsible nations not only condemn criminal conduct, they root it out and punish it. Responsible nations disavow criminals within their borders and bring them to justice. Responsible nations work with other countries' law enforcement authorities to ensure that justice is served in a court of law. The PRC has done none of these things. Jeff Rosen: (08:59) So you can take three additional observations from this conference today. First, the Chinese government has the power to help stop crimes like this. Second, the Chinese government has made a deliberate choice to allow its citizens to commit computer intrusions and attacks around the world because these actors will also help the PRC, but third, the Department of Justice will do everything it can to disrupt these crimes by exposing the techniques, tactics and procedures used by APT41, by enabling the private sector to disable them, and by working with our law enforcement colleagues all around the globe to arrest the hackers when we can as with the two today. Jeff Rosen: (09:45) We appreciate our partnerships with the private sector as I said in this instance including Microsoft, Facebook, Google and Verizon Media, and our partnerships with foreign law enforcement partners who have been a force multiplier in these fights against international criminals. Such partnerships send a clear message that governments and the private sector are prepared to work together to defend against significant cyber threats. Jeff Rosen: (10:15) Today, on top of al the measures I've mentioned already, we are exposing this threat to the international community, to cybersecurity experts and to the greater public and we will never stop pursuing the individuals responsible for these alleged criminal acts here and abroad and anywhere they travel. Now at this point, I will turn the podium over to Acting U.S. Attorney Michael Sherwin who will discuss the allegations and the indictments in greater detail. Mike? Michael Sherwin: (10:49) Thank you sir. Ladies and gentlemen, the scope and sophistication of the crimes alleged in these three indictments that we unseal this week are really unprecedented for several reasons. As previously mentioned, hundreds of corporations and thousands of individual accounts were targeted by these Chinese hackers and causing upwards estimated millions of dollars in damages. Now what makes these indictments more troubling and more interesting to some degree is the fact that we now see these hallmarks of the hackers targeting in addition to the standard corporations that were targeted, business institutions, universities, we also see online gaming companies which the deputy attorney general just mentioned is a billion dollar industry so this is a new target-rich environment in which hackers are targeting and as we'll go through with these indictments, the Chinese hackers were working in concert with the two Malaysians to not only hack into these online digital gaming companies but then essentially fence and sell digital currencies, tokens, coins on gaming platforms to third parties and essentially victimizing these online gaming companies and laundering those proceeds back to the Chinese. So the first indictment, ladies and - Michael Sherwin: (12:03) ... and laundering those proceeds back to the Chinese. So the first indictment, ladies and gentlemen, the Zhang Indictment, deals with two Chinese nationals. And there's really two criminal schemes related to this first indictment. The first criminal scheme is the basic brute force type hacking that we've seen in other cases. But the scheme also involved, as the Deputy Attorney General just mentioned, the supply chain attacks in which the Chinese hackers in a very sophisticated way would hack into software companies, insert malicious malware. That software then would be sold to innocent third parties for corporate use. But the malware, the software was a Trojan horse, which allowed the hackers to then get into the third party databases and steal more proprietary information. That's seen and elicited throughout that first indictment. Michael Sherwin: (12:52) In addition to that first criminal scheme that we outlined in that first indictment, we also see another scheme in which these two Chinese hackers were working in concert with the two Malaysians in which they were targeting online gaming companies throughout the world. And once they would target these online gaming companies, as many people know, especially if you have kids, there's a lot of coins, tokens, digital currency involved in a lot of these online games, they would steal that digital currency. They would then work with the two Malaysians that are cited in indictment number two, that would then essentially fence and sell that stolen digital currency online to other innocent third parties. So this is again troubling because we see this as, unfortunately, a new area in which hackers are exploiting and it's a billion dollar industry. And I'm sure this isn't the end. We're going to see much more of this criminal conduct unfortunately. Michael Sherwin: (13:48) The third indictment, ladies and gentlemen, deal with three Chinese nationals, very similar to the allegations in the first indictment with the two Chinese nationals. Very basic allegations of a brute force hacking. But what's interesting in the third indictment, ladies and gentlemen, is there's reference to [inaudible 00:02:07], which is a Chinese corporate entity, which is closely linked to the Chinese government, does work for them. And it has close contacts with the Chinese People's Republic Army, and also the Chinese military security apparatus. So in terms of that third indictment, we see hacking, we steal the theft, the proprietary information, and again, hundreds of corporations targeted throughout the world with millions in loss. Michael Sherwin: (14:34) So these three indictments, ladies and gentlemen, essentially are trying to telegraph to the world that the Department Of Justice, the FBI, the US Attorney's Office will fix, find and indict cyber criminals in any corner of the world, be it Malaysia, China, Eastern Europe, Western Europe, and bring them to justice here in the District of Columbia. Without much more to say, I want to, first of all, thank the AUSAs that were involved in this case and the United States Attorney's Office. And also the amazing and extraordinary work of the FBI in working this case up, because it was very sophisticated and involved a tremendous amount of effort by the Bureau. So right now I'm going to turn over the podium to Deputy Director David Bowdich. Thank you. David Bowdich: (15:19) All right. Thank you, Mike. All right. Good morning. I've been up here all too often with my partners from the Department of Justice, talking about hackers, in particular Chinese hackers. And here we are again. We're here today to tell these hackers and the Chinese government officials who turned a blind eye to their activities that their actions are once again unacceptable. And we will call them out publicly. We've been fighting the cyber threat for years now. And all too often, it's been a game of whack-a-mole. We investigate one hacker group and we quickly uncover another hacker group. We disrupt one nation state adversary targeting our infrastructure and our intellectual property, and very quickly we are oftentimes exposing another side of that nation state actor, or another nation state actor as well. David Bowdich: (16:18) Some days it seems like a never ending battle, but cyber is one of our highest priority. In fact, the FBI's new enterprise strategy highlights how important it is to us. The FBI's priority number two is to protect to the United States against foreign intelligence, espionage and cyber operations. Our number three priority is to combat significant cyber criminal activity. And we've been taking a closer look at what the FBI can bring to this fight. David Bowdich: (16:50) Our cyber strategy in a nutshell is designed to impose both risk and consequences on our adversaries. In plain English, we want to make it more difficult and more painful for hackers and criminals to do what they're doing. And the best way for us to do that is by leveraging our unique authorities, our unique capabilities, and our enduring relationships, not just in the US, but throughout the world. We want to build on the innovation that has helped the FBI and our partners adapt and evolve to meet the evolution of threats throughout the past century. We've got to change the cost benefit analysis of criminals and nation state actors who believe they can compromise United States networks, steal US financial and intellectual property, and hold our critical infrastructure at risk, all without imposing risks to themselves. David Bowdich: (17:53) Indictments are only one way in which we do that, but often that's all we can do. We indict the criminals, we come up here on stage and we call them out publicly. This time, as the Deputy Attorney General stated earlier, due in a large part to the efforts of our folks here, but also in a large part to our Malaysian law enforcement counterparts, we have two people in custody. And we are seeking their extradition to bring them to the US to face these charges. The cyber threat is not a problem. Sorry. The cyber threat is not a problem that any one agency can address by itself. David Bowdich: (18:39) So central to our strategy is the role the FBI plays as an indispensable partner to our federal counterparts, our foreign adversaries and our private sector partners. We want to make sure we're doing everything we can to help our partners do what they need to do. And the private sector and the partnerships that have been developed over time can not be understated. They are an incredibly important component in the cyber fight. That means using our role as the lead federal law enforcement agency with law enforcement and intelligence responsibilities to not only pursue their actions, but those of the adversaries overseas to enable our partners, to defend networks, to attribute malicious activities, to sanction bad behavior, and to take the fight to our adversaries overseas as much as we possibly can. To that end, later today we will be distributing a flash message to our private sector partners and our foreign partners. A flash message essentially provides the expertise necessary and the technical expertise necessary for them to defend their own networks. We believe it will be helpful in not only detecting, but mitigating APT 41's malicious activities. David Bowdich: (19:57) Before I wrap up, I want to remind you what I have said almost every time we've been up here at the podium when it comes to an indictment of Chinese hackers. Our concern is not with the Chinese people. Our concern is not with the Chinese Americans. But specifically our concern is with the Chinese Communist Party. Confronting this threat effectively does not mean we should not do business with the Chinese. It does not mean we should not host Chinese students. And it does not mean we should not welcome Chinese visitors or coexist with China on the world stage as a country. What it does mean is that when China violates our criminal laws and our international norms, we will call them out. David Bowdich: (20:45) We're going to work together with our partners at home and abroad, in law enforcement and in the private sector, to stop brazen cyber crime and hold people accountable. The cyber threat is daunting, but with the tailored approaches that we've put together in each situation to bring together the right talent and the patriotic people, their tools and the authorities we've been provided at the right times, we have the ability to understand and combat the cyber threat. David Bowdich: (21:15) So let me talk about those people. I want to quickly call out our special agents, our analysts, our computer scientists, and quite frankly, the prosecutors that worked on this case and work on these cases on a day to day basis. These cases are tedious. They are detailed. They require a significant level of expertise and they require, more than anything, tenacity. And I want to thank them for their work for the American people. David Bowdich: (21:46) To the hackers, I want to tell you, whether you're in the US or whether you're overseas, just because you have not yet seen an indictment does not mean that there is not a prosecutor working with a group of agents and supporting cast, putting together an indictment for you as we speak. Thank you. David Bowdich: (22:11) Next up, I want to introduce our acting as assistant director in charge of the Washington field office, Jim Dawson. Jim Dawson: (22:23) Good morning and thank you, Deputy Director Bowdich. Today's actions charging five China based and two Malaysia based hackers demonstrate that the tenacity of the FBI's Washington field office and our government partners to ensure all criminals are held accountable for their actions no matter their location. We are committed to bringing justice to all victims of cyber crimes. These hackers compromise the computer networks of more than 100 companies around the world. These intrusions allowed hackers to steal source code, customer account data, and personally identifiable information. Using their access, the hackers not only compromised an individual company, but also used their access to compromise a company's customers, extending the effects of their crimes. Jim Dawson: (23:17) These actions were often conducted using, maintaining, and communicating with computer and internet infrastructure located in the United States. Several of these defendants also defrauded video game companies through manipulation of in game resources to increase their illicitly obtained income. These for profit criminal activities took place with the tacit approval of the government of the people's Republic of China. This investigation is another example of the blended threat increasingly seen in cyber investigations. To address these threats, the FBI brings together its expertise in criminal, national security, and cyber investigations to bring justice to these actors who- Jim Dawson: (24:03) ... patience to bring justice to these actors who attempt to take advantage of the supposedly anonymity and lack of geographical limits of cyberspace. The companies and individuals victimized by these criminals are located around the world. Their crimes transcended borders, which is another reason the FBI and our partners must work together to bring these individuals to justice no matter where they might reside. In this case, we're immensely grateful to the Malaysian government for their willingness to assist us with the arrest and extradition of two of these hackers. Jim Dawson: (24:39) In addition to the Malaysian government, we would also like to thank the private sector companies who have taken proactive measures to harden their network vulnerabilities utilized by these actors. Notably, we're unable to extend any gratitude to the Chinese communist party or to the government or the people's Republic of China, which was unwilling or unable to address the egregious cyber criminal activity of its citizens. As always, the FBI will continue to work with its partners to identify those who conduct cyber attacks against our nation, bring their actions to light and hold them responsible wherever they are. Thank you. And I'll yield the podium to Deputy Attorney General Rosen. Jeff Rosen: (25:27) So let me add my, " thanks," to both the FBI for the outstanding work by the entire team there and to our lawyers at both the National Security Division and the US Attorney's Office. It's outstanding work, and on behalf of the department, I want to express my appreciation for that as well. I think at this point, we'll be happy to see if there are questions. Speaker 2: (25:53) Thank you. We will now begin the question and answer session. To ask a question, you may press star, then one on your telephone keypad. If you're using a speaker phone, please pick up your handset before pressing the keys. To withdraw your question, please press star, and then two. We ask that you please state who you are directing your question to. [crosstalk 00:26:18] ... pause momentarily to assemble our roster. Our first question will come from Eric Tucker with the Associated Press. Please go ahead. Eric Tucker: (26:37) Yes. Hi. Thank you so much. I suppose this question is perhaps best directed to the acting United States Attorney Mr. Sherwin. I was wondering if you could please elaborate on two different things. One is the connection that you alleged between the attacking group and the Chinese government. I'm trying to determine whether it's a sort of a tech connection or more of a direct link. And also, for sort of the nonprofit hacking related efforts, what do you think is the primary mode of that you're seeing in terms of the intrusions that are targeting universities to think tanks and elements like that? Thank you. [crosstalk 00:27:12] Michael Sherwin: (27:12) Sure. Yes. So I want to start off by saying in neither and any of these three indictments do we blatantly allege that these acts were state sponsored. However, the caveat is this. In those indictments, you have to ask two questions. One, who is doing the hacking and who is being hacked? Now, the general nature of that hacking was for personal benefit with those defendants. However, if you parse through those indictments, you're going to see some targets that were not corporations. You see targets such as pro-democracy groups. You see targets such as democracy, think tanks and universities. Michael Sherwin: (27:48) Now, a hacker for profit is not going to hack a pro-democracy group. This is a breadcrumb that shows that these individuals were working for private personal gain, yes, but they also were proxies. That's a conclusion you could draw for the Chinese government. Why can we say that? We could say that for a few reasons. One, as alleged in the indictment, some of the lead defendants boasted and mentioned that they had communications and contacts with the state apparatus of China. They also mentioned that, and again, I believe it's in the third indictment, the Jang indictment, that it is okay to target externally, internationally, but a no-go domestically. So that's showing that there's some tacit approval or there's some tacit direction that they're getting from the Chinese government. Did I address all of your question, sir? Yeah. Speaker 2: (28:43) Thank you. And the next question will come from Dustin Bolts with the Wall Street Journal. Please go ahead. Dustin Bolts: (28:50) Hi, thanks so much for doing the call. Two quick questions. On the so-called supply chain attacks, that seems like a pretty interesting mechanism used here. Can you just give us more details about sort of how widespread that was in the campaign or how many of those victims were of impacted by that approach of compromising the software companies that were then injecting updates to third parties? And then on the companies that were helpful in the investigation, Facebook, Microsoft, Google, and Verizon, any more details just about how that assistance worked, how long they were involved, and is there any evidence that any of them were themselves targeted or compromised by this campaign? Jeff Rosen: (29:36) Okay. So those are important aspects. Why don't we take them separately? Mike, do you want to address first, the supply chain attacks, because that is a very important element here? Michael Sherwin: (29:47) As again, I'll be brief, but as mentioned earlier, these supply chain attacks did occur in the conduct related to these indictments. However, this isn't the first time we've seen that. This isn't a novel type of a hacking attack. We've seen this before over the past several years, so that's not novel, but it is sophisticated. And most of that was, as mentioned, malware would be inserted into that software that would then be sold to third parties. That creates backdoor, so you could further exploit those customers that purchase that software. Jeff Rosen: (30:18) John, you want to take the part about the cooperation in the private sector? John: (30:23) Sure. I think on that, we're not going to say more than what we've already said publicly and in the indictment in terms of the cooperation we've gotten from the private sector, but we're obviously very grateful both to those who were named and those who were not named. Jeff Rosen: (30:43) I think I'll just add in the big picture, that's an important part of what we do in these kinds of situations is the partnership with the private sector is extremely important to our ability to both deal with the cases and try to protect the internet. Next question. Speaker 2: (30:56) Next question will come from Nick Shiffrin with PBS. Please go ahead. Nick Shiffrin: (31:07) Thank you very much for doing... Thank you very much for doing this. I wanted to go back to the intersection of espionage and politics. Can you talk more about the MFS connection, whether you believe that this is a real connection or whether it was just a bit of a brag? When you say proxy, can you talk more about the nature of the targeting, not only against pro- democracy Hong Kong activists, but also India and Vietnamese computer networks? That seems to be two governments that the Chinese have had difficulties with in the US and has been trying to ally with recently. Thanks. [crosstalk 00:31:49] Michael Sherwin: (31:49) Sure. Briefly, I'll essentially say what I stated before. So look, there's no explicit allegation that this was state sponsored. However, people that are hacking for profit do not target some of the entities that are listed to those indictments. For example, the pro-democracy groups, the other universities. For example, in that third indictment, there was hacking of essentially thousands of students at a Taiwanese university. That is a hallmark. That is a trademark of espionage. That's what espionage, that's what intelligence service used to harvest data individuals that they could spot and target. Again, these are just... This is evidence circumstantial when you build it all together. When you follow all the breadcrumbs, those breadcrumbs in general, a theory could be that that leads to administrative state security. David Bowdich: (32:36) Yeah, I think the US attorney answered that very well. There's not a lot I have to add. I would say that as I mentioned earlier, we are seeking the extradition of these two Malaysian subjects. Whether or not any other country gets involved in that and tries to block that in any way will be interesting to watch. I do want to follow up also on the private sector aspect that was asked earlier. Look, the reality is for many decades, we've talked about our private sector partners first with law enforcement and then in the intelligence community. But today, the private sector partnerships that we have developed throughout the country are absolutely essential. And just because we have some very talented people working in the private sector does not mean they are not every bit as patriotic as those of us working in the US government. Speaker 2: (33:32) The next question will come from David [inaudible 00:33:35] with Fox News. Please go ahead. David: (33:38) Sure. Thank you for taking my question, everybody. This is for FBI Deputy Director David Bowdich. Sir, I could send your frustration when you came up to the podium and you talked a little bit about this being like whack-a-mole. My question for you is when you deal with people in China and you arrest people in China, they're not playing ball. They're not helping you guys out to extradite these people. Sure, two from Malaysia are going to come back, but talk to me about the frustration to put these wanted posters out here, countless wanted posters and not having any help from anybody in China to get these people to the United States. David Bowdich: (34:14) Sure. I can address at least part of that question. First off, it is incredibly frustrating and I think that the Deputy Attorney General's points earlier about asking for Chinese assistance and relying upon them, it was a very salient point for all of us to think through. As far as our counter-intelligence mission and our cyber mission, yes. Much of our work is done against Chinese communist party individuals or Chinese communist party affiliated individuals. Yes, it's incredibly frustrating. And the reality is there are those out there who do not believe indictments are effective. I would counter that strongly for many reasons. David Bowdich: (34:56) First and foremost, we know about the travel of some individuals who participate in this type of activity. They know that if they are indicted, they are at great risk if they travel outside of their country. We have proven that through the long arm of the law and that may sound like an overused phrase, but I truly believe in it in these international cases. So it does restrict their travel. It also puts them on notice and has been successful in many cases, not just with Chinese nation state adversarial actors, but also with other adversarial nation state actors where we are able to actually reach them, bring them back to the US and run them through the adjudication process. Is it frustrating? Yes, it is. Our folks dogged and tenacious, and will they continue to be? Yes, they will. Jeff Rosen: (35:55) Let me supplement that with just two quick points. This is a case where thanks to our partnership with the Malaysian government, we have two people. Jeff Rosen: (36:03) Thanks to our partnership with the Malaysian government, we have two people who perhaps thought they were beyond our reach and they've been arrested. We still have to have them extradited, but people who think that there are safe havens need to think pretty carefully about that. Because as I said in my initial remarks, we will pursue people, not just here, but abroad, wherever they travel. And this is a case, or a set of three cases really, in which the victims are worldwide and effected countries all over the globe. So there will be many people interested in finding these defendants and we hope to find the opportunity to try them in a court of law and present the evidence beyond a reasonable doubt. Jeff Rosen: (36:53) One more. Speaker 2: (36:57) Thank you. And that question will come from Kadeem Shuber with the Financial Times. Please go ahead. Kadeem Shuber: (37:04) Hi there. Thank you for doing this call. Had a question for Acting US Attorney Sherwin. Can you just tell us a little bit about the compromised government networks in India and Vietnam? What was targeted or stolen or disrupted there, and also about the attempt to compromise some of the networks in the UK and what the hackers were targeting there? Michael Sherwin: (37:29) Well, at this point, we cannot exceed the four corners of those indictments and get into details. Obviously, as the case proceeds more details would come out. But at this point, we just have to [inaudible 00:37:42] the allegations, and yes, those nations infrastructures were targeted and obviously, as previously mentioned, I think, in a question a couple of minutes ago here, those nations are not friends of China, so it's no mystery or it's not surprising that some of their infrastructure was targeted. Jeff Rosen: (37:59) So I hate to end on one that we have some limits on what we can say. So why don't we do one more? Speaker 2: (38:09) Thank you. And that question will come from Alex Mellon with ABC News. Please go ahead. Eric Tucker: (38:17) My question, I just wanted to ask, do you have a sense of the extradition timing in terms of, the Malaysian government was obviously very cooperative in arresting them, but do you have any sense on when these two Malaysian businessmen will see the inside of a US courtroom? Jeff Rosen: (38:34) I think this is a somewhat complicated subject, but we'll see if John Demers can offer any thoughts. John Demers: (38:48) Well, I don't want to get ahead of the process there in Malaysia. Obviously these two defendants will have a right to raise whatever claims they'd like to try to fight the extradition. I imagine they will try to fight the extradition and we'll just have to let the Malaysian process play itself out, but it certainly will be months before they get over here. But in the meantime, they've been arrested over there. Thanks. Jeff Rosen: (39:15) Well, thanks very much everybody. And let me just mention that we do plan a backgrounder as well. So while I'm going to have to depart, some of the folks that can provide many more of the specific details and address some of the background things will now be available and we'll go to that. Speaker 2: (39:38) Thank you. Once again, if you'd like to ask a question, please press star, then one. Speaker 1: (39:43) All right. Thank you everybody for joining. This marks the end of the formal part of the press conference, the cameras can shut down now. And then in about one minute, we're going to start with a backgrounder. We're going to have some of the prosecutors working on the case come up and make some brief remarks, but then we will get through every media question-