The Department of Justice announced Tuesday it has charged two Chinese hackers with trying to steal US COVID-19 research as well as other sensitive government information.
Chinese Nationals Li Xiaoyu, 34, and Dong Jiazhi, 31, allegedly stole ‘hundreds of millions of dollars’ worth of trade secrets, intellectual property, and other valuable business information in a sophisticated, decade-long scheme.
They’re accused of hacking hundreds of companies, government organizations, dissidents, human rights activists and private companies, including those engaged in COVID-19 vaccine research.
The government said the plot, said to have begun in 2009, was not only carried out for their personal financial gain but also for the benefit of the Chinese government.
‘The hackers stole terabytes of data which comprised a sophisticated and prolific threat to U.S. networks,’ Assistant Attorney General for National Security John Demers said during a press conference in New York.
They allegedly breached defense contractors and stole sensitive military information, prosecutors said, including about military satellite programs and communications systems.
The indictment says the two men were assisted by an unnamed Chinese intelligence officer who is known to the grand jury.
The two men were indicted by a grand jury for the purported hacking campaign, which not only targeted companies in the US, but also in Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, Spain, South Korea, Sweden, and the United Kingdom.
Their targets included high tech manufacturers, medical device makers, civil and industrial engineers, gaming software makers, solar energy companies, pharmaceutical makers, and defense contractors, the DOJ said.
Among the 13 US victims were the Department of Education’s Hanford site in Washington, a California tech and defense company, a Maryland tech and manufacturing company, a Texas engineering firm, a Virginia defense contractor, a Massachusetts software firm, a California gaming software company, and several U.S. drug makers.
‘In at least one instance, the hackers sought to extort cryptocurrency from a victim entity, by threatening to release the victim’s stolen source code on the Internet,’ the FBI said. ‘More recently, the defendants probed for vulnerabilities in computer networks of companies developing COVID-19 vaccines, testing technology and treatments.’
None of the affected companies or parties were named in the indictment.
The inclusion of the coronavirus-related victim comes as US security agencies have warned that China is seeking to gain an upper hand in the global search for a vaccine.
The FBI warned in May that Chinese government hackers have been ‘observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research’.
There was no immediate indication from the indictment that the hackers had successfully obtained any information pertaining to COVID-19 research, despite efforts to snoop on the companies.
But prosecutors say that in January, the defendants conducted reconnaissance on the computer network of a Massachusetts biotech firm known to be researching a potential vaccine and searched for vulnerabilities on the network of a Maryland firm less than a week after it said it was conducting similar scientific work.
Demers said the actions of the hackers are ‘concrete examples’ of two concerning trends.
‘China is using cyber intrusions as part of its “rob, replicate and replace” strategy to technological development,’ Demers said.
The DA added that Beijing is also ‘providing a safe haven for criminal hackers who, as in this case, are hacking in part for their own personal gain but willing to help the state and on call to do so.’
Demers claimed that China has increased its brazen efforts to engage in theft and espionage through computer intrusions in breach of their international commitments.
‘China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, here to feed the Chinese Communist Party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research,’ Demers said.
FBI Deputy Director David Bowdich shared the Demers’ sentiments. He accused China of stealing ‘Intellectual property and research which bolsters its economy, and then they use that illicit gain as a weapon to silence any country that would dare challenge their illegal actions.
‘This type of economic coercion is not what we expect from a trusted world leader. It is what we expect from an organized criminal syndicate.’
The indictment of Li and Dong marks the first time the US has charged suspected Chinese hackers with not only working to enrich themselves, but also on behalf of their native government.
The Chinese government has routinely denied it conducts or sponsors hacks of foreign networks for purposes of economic espionage.
The country has come under fire from the Trump Administration and a number of other world leaders for downplaying and failing to contain the coronavirus, which originated in Wuhan in 2019.
China has strongly opposed those accusations and accused the US of using the global pandemic as a political pawn.
The country has not yet responded to the charges leveled against Li and Dong.