U.S. Government Indicts Chinese Hackers for Stealing COVID-19 Data and More


Two Chinese nationals have been indicted for hacking into the computer systems of hundreds of companies, governments, non-governmental organizations and more to steal trade secrets, including data on treatments related to COVID-19.

The U.S. Department of Justice indicted Li Xiaoyu and Dong Jiazhi for conducting a decade-long hacking campaign that targeted high-tech industries in the United States, Belgium, Austria, Germany, Japan, the United Kingdom and other western nations. The targets included medical device and pharmaceutical companies, among others. Most recently, the two probed for vulnerabilities in computer networks of companies developing COVID-19 vaccines, testing technology, and treatments, the DOJ said in its announcement. The announcement did not indicate which pharmaceutical companies had been targeted by the two defendants for their COVID-19 data.

Not only did the defendants allegedly steal from databases for their own financial gain, but the Department of Justice said they also provided that information to the Chinese government, including that nation’s Ministry of State Security. The federal indictment charges the defendants with conspiring to steal trade secrets from at least eight known victims. The government said those trade secrets included technology designs, manufacturing processes, test mechanisms and results, source code, and pharmaceutical chemical structures. Such information would give competitors a market edge by providing insight into proprietary business plans and savings on research and development costs in creating competing products, the government said.

The U.S. government has been closely watching the Chinese government and operatives over the past several years due to increased concerns over the theft of intellectual property. A 2017 report issued by the FBI noted that intellectual property theft from Chinese operatives costs the U.S. as much as $600 billion annually.

“Today’s indictment demonstrates the serious consequences the Chinese MSS and its proxies will face if they continue to deploy malicious cyber tactics to either steal what they cannot create or silence what they do not want to hear,” FBI Deputy Director David Bowdich said in a statement. “Cybercrimes directed by the Chinese government’s intelligence services not only threaten the United States but also every other country that supports fair play, international norms, and the rule of law, and it also seriously undermines China's desire to become a respected leader in world affairs.”

The government said the hacking was first discovered by the Department of Energy in the state of Washington. According to the indictment, Xiaoyu and Jiazhi exploited publicly known software vulnerabilities in popular web server software, web application development suites and software collaboration programs. They used their initial unauthorized access to place malicious web shell programs and credential-stealing software on victim networks, which allowed them to remotely execute commands on victim computers, the government said. They were able to conceal the hacking for some time and returned to steal additional information at later dates, the government added.

Xiaoyu and Jiazhi are each charged with one count of conspiracy to commit computer fraud, which carries a maximum sentence of five years in prison, and one count of conspiracy to commit theft of trade secrets, which carries a maximum of 10 years in prison. They were also charged with one count of conspiracy to commit wire fraud, which carries a maximum sentence of 20 years in prison; one count of unauthorized access of a computer, which carries a maximum sentence of five years in prison; and seven counts of aggravated identity theft, each of which carries a mandatory sentence of two non-consecutive years in prison.
