The U.S. Department of Justice (DoJ) yesterday revealed charges against two Chinese nationals for their alleged involvement in a decade-long hacking spree targeting dissidents, government agencies, and hundreds of organisations in as many as 11 countries.
The 11-count indictment, which was unsealed on Tuesday, alleges LI Xiaoyu (李啸宇) and DONG Jiazhi (董家志) stole terabytes of sensitive data, including from companies developing COVID-19 vaccines, testing technology, and treatments while operating both for private financial gain and behalf of China’s Ministry of State Security.
“China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, [and] to feed the Chinese Communist party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research,” said Assistant Attorney General John C. Demers, who leads the DoJ’s National Security Division.
The pair, who are currently wanted by the U.S. Federal Bureau of Investigation, came under the radar after they compromised a U.S. Department of Energy network in Hanford, which is home to a decommissioned nuclear production complex located in the state of Washington.
Aside from this breach, the individuals in questions have been accused of infiltrating the networks of companies spanning high tech manufacturing, industrial engineering, defence, educational, gaming software, and pharmaceutical sectors with an aim to steal trade secrets and other confidential business information.
Besides the U.S., a number of victim organisations are based in Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, Spain, South Korea, Sweden, and the U.K. In all, the targeted cyberattacks lasted over a period of more than ten years, starting around September 1, 2009, and continuing through July 7, 2020, the DoJ said.
images from Hacker News