The Justice Department has announced an 11-count indictment charging two alleged Chinese hackers accused of carrying out a massive global cyber intrusion campaign on behalf of the Chinese government in which they stole “hundreds of millions of dollars” worth of trade secrets, and most recently sought to target companies conducting research for a COVID-19 vaccine.
Li Xiaoyu and Dong Jiazhi, both Chinese nationals currently living in China, are alleged in the indictment to be active leaders of a hacking campaign that has been ongoing for more than 10 years and has targeted hundreds of companies in more than 11 countries, including the U.S.
“The defendants stole hundreds of millions of dollars’ worth of trade secrets, intellectual property, and other valuable business information,” said Tuesday’s unsealed indictment.
Their primary goal, according to federal prosecutors, was not only personal financial gain but to hand over stolen data and hacked information to China’s Ministry of State Security and other Chinese government agencies.
“The hackers stole terabytes of data which comprised a sophisticated and prolific threat to U.S. networks,” the DOJ said in a press release. “More recently, the defendants probed for vulnerabilities in computer networks of companies developing COVID-19 vaccines, testing technology, and treatments.”
“In this manner, China has now taken its place, alongside Russia, Iran, and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, here to feed the Chinese Communist Party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research,” Assistant Attorney General John Demers said in a news conference Tuesday.
While the Justice Department said at least four American companies working on coronavirus treatment and testing were targeted by Xiaoyu and Jiazhi, the indictment from the U.S. Attorney’s Office in Spokane, Washington, does not allege the two hackers successfully accessed any firms’ networks or data and stole COVID-related research.
According to the indictment, Xiaoyu and Jiazhi were allegedly able to steal information “regarding military satellite programs; military wireless networks and communications systems; high-powered microwave and laser systems; a counter-chemical weapons system; and ship-to-helicopter integration systems.”
And their alleged activity on behalf of the Chinese Communist Party’s government, according to the Justice Department, was not limited simply to stealing intellectual property.
The indictment states that Xiaoyu and Jiazhi also provided China’s Ministry of State Security with the personal data of Chinese dissidents and other critics of the government. Specifically, Xiaoyu and Jiazhi were able to compromise the email accounts and passwords of a Hong Kong community organizer, a pastor of a Christian church in Xi’an, China, and a dissident and former Tiananmen Square protester, according to the indictment.
They additionally stole emails from a Chinese Christian pastor in Chengdu just days after his church was banned by the government — and the Justice Department says the pastor was subsequently arrested.
While the FBI on Tuesday issued a wanted bulletin for both men and identified them as fugitives, it’s unlikely that Xiaoyu and Jiazhi will ever see the inside of a U.S. courtroom. Law enforcement officials at Tuesday’s press conference said the indictment primarily serves to publicly identify the two hackers, whose efforts were not previously being tracked, as a threat to the private sector in addition to raising broader awareness regarding malicious cyber activity being carried out by China.
In May, the FBI issued its first public warning that Chinese government hackers were seeking to steal data from firms conducting COVID-19 research and testing. A DOJ official confirmed Tuesday’s indictment contains the first publicly announced charges against Chinese nationals attempting to do so.