U.S. Dept. of Justice: Chinese hackers stole vaccine data
The U.S. Department of Justice has accused two Chinese hackers of stealing valuable data, personal information and trade secrets from hundreds of organizations around the world, including companies that are working to develop coronavirus treatments and vaccines.
An 11-count indictment unsealed Tuesday describes a sophisticated scheme that lasted more than 10 years and targeted a variety of industries in the U.S., Europe and Asia. The pair often snooped on companies for their own financial gain, but they also worked on behalf of the Chinese government, federal prosecutors said in a statement.
The suspects were identified as Li Xiaoyu, 34, and Dong Jiazhi, 33, both of whom are believed to be in China.
Multiple U.S. officials on Tuesday slammed the Chinese government for allegedly deploying malicious cyber tactics to steal intellectual property from other countries.
“China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, here to feed the Chinese Communist party’s insatiable hunger for American and other nonChinese companies’ hard-earned intellectual property, including COVID-19 research,” said Assistant Attorney General for National Security John Demers.
It was not immediately clear, however, whether the suspects successfully obtained any coronavirus research.
This is the first time the U.S. has criminally charged foreign hackers with targeting companies working to fight COVID-19, even as authorities in North America and the U.K. last week accused a hacking group with ties to the Russian government with trying to steal research on the virus.
Li and Dong gained initial access to victim networks primarily by exploiting publicly known software vulnerabilities in popular web applications, according to the Department of Justice. They would then install credential-stealing software on those networks to remotely execute commands on victims’ computers.
Targeted industries included high-tech manufacturing, medical device engineering, solar energy, defense, pharmaceuticals, and business, educational and gaming software, authorities said. Besides the U.S., other targeted countries included Australia, Belgium, Germany, Japan, Spain, South Korea and the United Kingdom.
The two suspects are charged with unauthorized access, conspiracy to access without authorization and damage computers, conspiracy to commit theft of trade secrets; conspiracy to commit wire fraud and aggravated identity theft.
The indictment was presented to a grand jury in Spokane, Wash., earlier this month.