meREWARDS lets you get coupon deals, and earn cashback when you complete surveys, dine, travel and shop with our partners
WASHINGTON: The US Justice Department on Tuesday (Jul 21) indicted two Chinese nationals over their role in what the agency called a decade-long cyber espionage campaign that targeted defence contractors, COVID-19 researchers and hundreds of other victims worldwide.
The U.S. government He said Li Xiaoyu and Dong Jiazhi stole terabytes of gun drawings, drug information, software source code, and non-public knowledge of targets that add dissidents and Chinese opposition figures. They were Chinese government contractors, who spies full-fledged, American officials said.
U.S. Deputy Attorney General for Homeland Security John Demers said at a virtual news convention that the attacks showed that China is “in a position to turn a blind eye to prolific hackers operating within its borders.”
“In this way, China has now taken its place, along with Russia, Iran and North Korea, in this shameful club of nations that shelters cybercriminals in exchange for those criminals on appeal to gain the state’s advantages.”
Messages that were left with accounts registered with Li’s virtual alias, oro0lxy, were not returned without delay. Dong’s touch data was not available without delay.
The Chinese Embassy in Washington referred Reuters to recent Chinese Foreign Ministry comments that “China has long been a major victim of cyber thefts and attacks” and its officials “firmly oppose and fight” such activities.
The indictment mostly did not name any companies or individual targets, but US Attorney William Hyslop, who spoke alongside Demers, cited “hundreds and hundreds of victims in the United States and worldwide”.
Officials said the probe was triggered when the hackers broke into a network belonging to the Hanford Site, a decommissioned US nuclear complex in eastern Washington state, in 2015.
Li and Dong were “one of the most prolific group of hackers we’ve investigated,” said FBI Special Agent Raymond Duda, who heads the agency’s Seattle field office.
A Jul 7 indictment made public on Tuesday alleges that Li and Dong were contractors for China’s Ministry of State Security, or MSS, a comparable agency to the US Central Intelligence Agency.
The MSS, prosecutors said, supplied the hackers with information into critical software vulnerabilities to penetrate targets and collect intelligence. Targets included Hong Kong protesters, the office of the Dalai Lama and a Chinese Christian non-profit.
As early as Jan 27, as the coronavirus outbreak was coming into focus, the hackers were trying to steal COVID-19 vaccine research of an unidentified Massachusetts biotech firm, the indictment said.
It is unclear whether anything was stolen but one expert said the allegation shows the “extremely high value” that governments such as China placed on COVID-related research.
“It is a fundamental threat to all governments around the world and we expect information relating to treatments and vaccines to be targeted by multiple cyber espionage sponsors,” said Ben Read, a senior analyst at cybersecurity company FireEye.
He noted that the Chinese had long relied on contractors for their cyberespionage operations.
“The use of these self-employed workers allows the government a greater diversity of talent, while providing some denial in conducting those operations,” Read said.