US charges Chinese hackers for global campaign targeting COVID-19 research

Li Xiaoyu, Dong Jiazhi accused of stealing massive amounts of data from companies around world

Li Xiaoyu (left) and Dong Jiazhi (right) (FBI photo)

TAIPEI (Taiwan News) — The U.S. Justice Department has charged two alleged Chinese hackers for their involvement in a global hacking campaign that has targeted hundreds of companies and governments, stealing terabytes of data over a 10-year period.

The 11-count indictment — unsealed Tuesday (July 21) in Spokane, Washington — alleges that Li Xiaoyu (李啸宇), 34, and Dong Jiazhi (董家志), 33, stole massive amounts of data from technology companies around the world, including in the U.S. Prosecutors say the pair targeted a range of industries, including high-tech manufacturing; medical, civil, and industrial engineering; business, educational, and gaming software; solar energy; pharmaceuticals; and defense.

According to the indictment, in late January Li searched for vulnerabilities in the networks of Maryland and Massachusetts biotech companies conducting COVID-19 vaccine research. In February, he went after a California biotech firm working on coronavirus antiviral drugs; in May, he targeted a California diagnostics company developing COVID-19 testing kits.

According to the Justice Department, the duo in some instances acted for their own financial gain and in other cases for the benefit of the Ministry of State Security (MSS) or other Chinese government agencies. Li and Dong were first discovered after they targeted a U.S. Department of Energy network in Hanford, Washington, according to court documents.

The hackers used known-but-not-yet-patched weaknesses in popular web server software to gain access to victims’ networks. The two then installed password-stealing software to better penetrate those systems, according to TechCrunch.

The indictment charges Li and Dong with conspiring to steal trade secrets from at least eight known victims. The stolen material consisted of technology designs, manufacturing processes, test mechanisms and results, source code, and pharmaceutical chemical structures. The hackers also allegedly targeted dissidents and human rights activists in the U.S., Hong Kong, and China.

"China has now taken its place, alongside Russia, Iran, and North Korea, in that shameful club of nations that provide a safe haven for cybercriminals in exchange for those criminals being 'on-call' to work for the benefit of the state, here to feed the Chinese Communist Party's insatiable hunger for American and other non-Chinese companies' hard-earned intellectual property, including COVID-19 research," said Assistant Attorney General for National Security John Demers.

Li and Dong are suspected of conducting operations from China and are both believed to still be there, which makes it highly unlikely that they will spend any actual time behind bars.