Two Chinese hackers have been indicted for stealing millions of dollars worth of trade secrets and other sensitive information from businesses and government agencies, and attempting to steal COVID-19 research, the Justice Department announced on July 21.
The department unsealed an 11-count indictment against Li Xiaoyu, 34, and Dong Jiazhi, 33, on Tuesday, alleging that the pair hacked into computer systems of hundreds of victims, including companies, government and non-governmental organizations, and individual dissidents and human rights activists in the United States and around the world in a decade-long campaign.
Li and Dong, both trained in computer applications technologies, did not hack solely for personal benefit, prosecutors alleged. The pair was also working with and assisted by the Chinese Communist Party’s Ministry of State Security (MSS)—the regime’s chief intelligence agency.
The companies Li and Dong targeted were engaged in high-tech manufacturing and other industries such as defense, pharmaceuticals, medical device, civil, and industrial engineering. The firms were spread across the globe including in the United States, Australia, Belgium, Germany, and Japan. More recently, the pair had been looking for vulnerabilities in the networks of biotech companies that were known for their COVID-19 related research, prosecutors alleged.
Justice Department officials also said that the two hackers had on one occasion attempted to extort a victim from which they had stolen valuable source code. They threatened to publish the code on the internet—hence destroying the value of the code—unless the victim paid them a ransom.
“These intrusions are yet another example of China’s brazen willingness to engage in theft through computer intrusions, contrary to their international commitments, such as their 2015 understanding with the United States and similar understandings with other countries not to conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information with the intent of providing a competitive advantage to Chinese companies or commercial sectors,” U.S. Assistant Attorney General for National Security John C. Demers said during a Tuesday press conference announcing the indictments.
Demers said the industries targeted by the hackers coincided with industries outlined in the regime’s Made in China 2025 plan. Rolled out in 2015, the economic blueprint aims to turn China into a global competitor in 10 tech sectors by 2025.
By stealing information from companies in high-tech industries and replicating the technology, Chinese companies can eventually “edge out” their non-Chinese competitors, Demers said, citing the indictment.
He said in one example, the hackers stole gigabytes of data from a Maryland technology and manufacturing firm that would have revealed to competitors the types of products the company was planning to bring to the market. The same data would have also allowed competitors to save on research and development costs, as well as time, thus giving the competitors an advantage in the global marketplace.
“China’s anti-competitive behavior in flagrant disregard for their promises not to engage in cyber-enabled intellectual property theft is not just a domestic issue—it is a global issue,” Demers said.
Demers added that the indictment also highlights how the Chinese regime is willing to turn a blind eye to prolific criminal hacking operations within its borders, citing some of Li and Dong’s alleged criminal activities that were conducted for personal profit.
“China has now taken its place alongside Russia, Iran, and North Korea, in that shameful club of nations that provide a safe haven for cybercriminals, in exchange for those criminals being on call for the benefit of the state,” he said.
FBI Deputy Director David Bowdich echoed Demers’s remarks, saying that the charges were brought with the intention of putting the Chinese officials directing the cyberattacks on notice.
“There are serious consequences and risks for stealing our technology and our intellectual property,” Bowdich said.
He also urged nations partnering with the Chinese regime in economic development projects to reconsider their alliances with the communist nation due to its lack of regard for international law. He pointed out that the regime has engaged in a pattern of underhanded tactics such as using its economic influence to pressure countries not to expose or challenge its illegal actions such as hacking of companies, laboratories, or governmental organizations.
“This type of economic coercion is not what we expect from a trusted world leader. It is what we expect from an organized criminal syndicate,” Bowdich said.
Li and Dong have also been accused of targeting individuals of interest to the Chinese regime, such as dissidents, clergy, and democratic and human rights activists in the United States, Hong Kong, and mainland China. For example, the pair provided the MSS with email accounts and passwords belonging to a Hong Kong community organizer; the pastor of a Christian church in Xi’an city, China; and a dissident and former Tiananmen Square protester, the indictment said.
They also stole email content from a pastor belonging to a house Christian church in Chengdu city, who was later arrested by local authorities.
The two men have each been indicted on a series of charges including conspiracy to commit wire fraud, which carries a maximum sentence of 20 years in prison, conspiracy to commit theft of trade secrets (maximum 10 years in prison), and conspiracy to commit computer fraud (maximum five years in prison).
This story will be updated.
From The Epoch Times
