US releases identity of Chinese hackers, covid data, defense secrets targeted
Updated: 22 Jul 2020, 04:20 PM IST
The US said that the two Chinese hackers, Li Xiaoyu and Dong Jiazhi, were assisted by China’s Ministry of State Security and that defense contractors and weapons systems were hacked along with Covid-19 medical research
The US accused two Chinese hackers of working for Beijing to steal or try to steal terabytes of data, including coronavirus research, from Western companies in 11 nations — the second time in a week a foreign nation has been singled out for vaccine-related hacking.
The Justice Department released an indictment Tuesday against the individuals, whom it identified as Li Xiaoyu and Dong Jiazhi. It said that the two men were assisted by China’s Ministry of State Security and that defense contractors and weapons systems were hacked along with medical research.
“Li and Dong, former classmates at an electrical-engineering college in Chengdu, China, used their technical training to hack the computer networks of a wide variety of victims," according to the indictment. “The defendants stole hundreds of millions of dollars’ worth of trade secrets, intellectual property, and other valuable business information."
The accusations threaten to escalate tensions even further between the US and Beijing -- over China’s treatment of Hong Kong, the origins of the Covid-19 pandemic, claims in the South China Sea and the future of next-generation 5G technology. Intellectual-property theft concerns have long been a source of strain between the two powers.
“China is providing a safe haven" for hackers working for personal profit and the state’s interests, John Demers, head of the Justice Department’s National Security Division, said at a press conference Tuesday. Cyber intrusions are part of the country’s “rob, replicate and replace strategy to technological development," he said.
Demers declined to specify whether the hackers were successful in stealing coronavirus research. But he said the US is concerned that attacks against companies working on Covid-19 research could slow down their efforts, or result in data being manipulated.
The indictment doesn’t name specific companies or institutions that were targeted, but does provide some identifying information -- such as where they are located and when the attacks took place. For example, between January and February 2020, Li Xiaoyu searched for vulnerabilities in computer networks of firms in Massachusetts, Maryland, and California that were researching Covid-19 vaccines and antiviral drugs.
The US knows the identity of Chinese officials who aided the hackers but declined to indict them at this time, Demers said.
At a briefing on Wednesday in Beijing, Chinese Foreign Ministry spokesman Wang Wenbin rejected the US hacking accusations. “The Chinese government is a staunch supporter and champion of cybersafety," Wang said. “We’ve been cracking down on all forms of cyber attacks and cybercrimes. We demand the US side immediately stop discrediting China on the issue of cybersecurity."
According to the Justice Department, companies targeted by the hackers were based in the US, Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, South Korea, Spain, Sweden and the U.K. The hackers had been carrying out attacks for over a decade, according to the statement.
“The indictment charges the defendants with conspiring to steal trade secrets from at least eight known victims, which consisted of technology designs, manufacturing processes, test mechanisms and results, source code, and pharmaceutical chemical structures," according to the statement.
Such information would give “a market edge by providing insight into proprietary business plans and savings on research and development costs in creating competing products," the Justice Department said.
The FBI had previously warned that Chinese hackers were targeting Covid-19 research organizations in an effort to obtain data related to vaccines, treatments and testing.
And last week, cybersecurity agencies from the US, UK, and Canada accused a Russian government-linked hacker group of trying to steal Covid-19 vaccine research. Known as APT29 or Cozy Bear, it had developed malware and exploited known security vulnerabilities in an effort to break into computers used by organizations working on the vaccine, according to the agencies. Russia has rejected those accusations.