Hackers have also allegedly targeted dissidents and human rights activists in the US, China, and Hong Kong, as well as hundreds of companies in more than 10 countries, as part of a 10-year campaign that racked up terabytes of stolen data, John Demers, chief of the Justice Department’s Homeland Security Division, said Tuesday.
One of the hackers, Li Xiaoyu, allegedly performed an electronic reconnaissance on at least four US-based companies that were publicly known to be working on coronavirus projects.
According to the indictment, in late January, Li scanned vulnerabilities in networks of Maryland and Massachusetts biotech firms investigating coronavirus vaccines. The following month, she approached a California company that had just announced that it was investigating antiviral medications to treat the virus. In May, Li targeted a California diagnostic company that was developing coronavirus test kits.
Prosecutors did not allege that the hackers actually raped the networks or stole information from US companies working on the coronavirus, although a senior Justice Department official said the searches for weaknesses on the network that Li is accused of are a standard precursor to a hacking attempt. .
Li and another Chinese citizen, Dong Jiazhi, are charged with 11 federal charges including conspiracy to commit trade secret theft and aggravated identity theft. The couple worked from China, where they are still believed to be found.
While the indictment does not specify whether the hackers had been working at the behest of the Chinese government when targeting coronavirus projects, senior national security officials have been warning of attempts by the Chinese government to steal the coronavirus investigation from the institutions. Americans for months.
Officials from the US, UK and Canada also said last week that Russian cyber actors were targeting organizations involved in the development of the coronavirus vaccine.
The indictment alleges that Li and Dong worked alongside a Chinese intelligence officer at an outpost of the Guangdong State Security Ministry in other cases, including the theft of personal information from Chinese dissidents.
The hackers provided the MSS officer with email accounts and passwords belonging to a Hong Kong community organizer, the pastor of a Christian church in China and a dissident and former Tiananmen Square protester, the allegation alleges.
Much of the information stolen by hackers from companies around the world, comprising hundreds of victims, Justice Department officials said, was also in line with areas that the Chinese government said they wanted to move forward.
The Trump administration has criticized the Chinese government for a campaign of economic espionage and theft of intellectual property to achieve those goals, and in the indictment, Li and Dong are accused of stealing information about programs for military satellites and laser and microwave systems. high power for defense. contractors, among other defense technologies.
The indictment also marks the first time that the United States has accused the Chinese government of supporting hackers while doing their own work unrelated to any government task.
“China has now taken its place alongside Russia, Iran and North Korea in that shameful club of nations that provides a safe haven for cybercriminals in exchange for those criminals being on call for the benefit of the state,” Demers said.
.
