U.S. prosecutors have charged two wanted Chinese nationals linked to Beijing for their alleged involvement in a global hacking operation that targeted hundreds of companies and governments for more than a decade, stealing sensitive information.
The 11-count indictment unsealed on Tuesday, July 22, alleges Li Xiaoyu, 34, and Dong Jiazhi, 33, said to be working for China’s state intelligence bureau, stole terabytes of data from high-technology companies, around the world including the United States, the prosecutors said.
The prosecutors accused the hackers of recently targeting the networks of over a dozen U.S. companies in Maryland, Massachusetts, and California developing vaccines and treatments for COVID-19.
The indictment comes just weeks after both the FBI and Homeland Security warned that China was actively trying to steal U.S. research data related to the coronavirus pandemic.
The hackers were first discovered after they targeted a U.S. Department of Energy network in Hanford, Washington, the Justice Department said.
The prosecutors said the hackers also targeted companies in Australia, South Korea, and several European nations, using known but unpatched vulnerabilities in widely used web server software to break into their victims’ networks. By gaining a foothold onto the network, the hackers installed password-stealing software to gain deeper access to their systems.
The prosecutors also said that the hackers would “frequently” return to the networks — in some cases years later. According to the indictment, the hackers stole “hundreds of millions of dollars” worth of trade secrets and intellectual property. The prosecutors also allege that the hackers stole data related to military satellite programs, military wireless networks and high-powered microwave and laser systems from defence contractors.
The hackers are said to have targeted their victims on behalf of China’s intelligence services but also hacked for personal financial gain. In one case, prosecutors said the hackers “sought to extort cryptocurrency” from a victim company by threatening to publish the victim’s stolen source code online.
John C. Demers, U.S. assistant attorney general for national security, said that the indictments were “concrete examples” of how China used hackers to “rob, replicate and replace” non-Chinese companies in the global marketplace.
If prosecuted, the wanted hackers could each face more than 40 years in prison. But prosecutors believe the hackers are in China, and extraditions to the U.S. are unlikely because of the strained relationship between China and the US.