The Ministry of Justice seal, as seen during a press conference in December 2019.
Two government-sponsored hackers in China have attacked US companies in a "sophisticated and productive threat" for more than 10 years, both for financial gain and to steal business secrets, the Department of Justice said today.
The 11-count indictment (PDF) released today alleges that Li Xiaoyu and Dong Jiazhi worked with the Chinese Ministry of State Security (MSS) and other authorities to "hack hundreds of victim companies, governments, non-governmental organizations, and individual dissidents, clergymen, and democratic and human rights activists in the United States and abroad."
Li and Dong have reportedly infiltrated networks of companies in a variety of sectors, including "high-tech manufacturing, construction, industrial and medical technology, business, educational and gaming software development, solar energy, and pharmaceuticals," as well as defense companies, since at least September 2009. In the past few months, the prosecutor said, the two have been looking for ways to "get into the networks of biotech and other companies that are publicly known for their work on COVID-19 vaccines, treatments, and testing technologies" in at least 11 countries, including the United States.
The indictment does not name the companies in question, but merely points out that Li tried "on or around January 25th and 27th" to penetrate the networks of a biotech company in Maryland and a biotech company in Massachusetts, both of which were publicly known at that time to be working on COVID-19 vaccines. The targets appear to be Novavax, based in Gaithersburg, Maryland, and Moderna, based in Cambridge, Massachusetts.
In addition to several cases where the pair reportedly worked with MSS and other government agencies, Li and Dong also tried to make some money on the side, the indictment alleges. "At least once, they returned to a victim from whom they had stolen valuable source code to attempt extortion. They threatened to publish the victim's intellectual property on the Internet, thereby destroying its value unless a ransom was paid."
Deputy Attorney General for National Security, John C. Demers, said in a written statement:
China has now taken its place alongside Russia, Iran and North Korea in this shameful club of nations that provide a safe haven for cybercriminals in return for these criminals being "on call" to work for the benefit of the state, quenching the Chinese Communist Party's insatiable hunger for the hard-earned intellectual property of American and other non-Chinese companies, including COVID-19 research.
Russia is also accused of trying to steal trade secrets related to COVID-19 from other nations. On Friday, the National Security Agency and its counterparts in the UK and Canada said hackers linked to Russian intelligence agencies were trying to break into organizations working on potential vaccines against COVID-19. (Russia denied the allegations.)
The bigger picture
Tensions between China and the United States have been high since 2017, particularly in terms of technology, hacking, and national security.
This is not the first time this year that the DOJ has charged Chinese nationals with alleged high-profile hacking activities in the United States. Back in February, the DOJ announced that government-sponsored hackers in China were responsible for the 2017 Equifax breach, which is arguably the worst leak of U.S. private information.
The Trump administration is considering banning TikTok and other apps from companies based in China, Foreign Minister Mike Pompeo said earlier this month. The government is also banning devices from China-based companies Huawei and ZTE and has imposed sanctions that prevent US companies from exporting to both companies, citing national security concerns.