Two Chinese hackers working with the Ministry of State Security have been charged with global computer intrusion campaign targeting intellectual property and confidential business information, including COVID-19 research, the US Department of Justice said.
The indictment alleged that the two former computer engineers, identified as Li Xiaoyu, 34, and Dong Jiazhi, 33, conducted a hacking campaign lasting more than ten years, targeting companies in countries with high technology industries, including the United States, Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, Spain, South Korea, Sweden, and the United Kingdom.
It was also alleged that the two had hacked companies engaged in high-tech manufacturing, pharmaceuticals, and gaming software development, and with targeting dissidents, clergy and human rights activists in the United States, China, and Hong Kong.
“China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cybercriminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, here to feed the Chinese Communist party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research,” said Assistant Attorney General for National Security John C Demers.
“This indictment demonstrates the serious consequences the Chinese MSS and its proxies will face if they continue to deploy malicious cyber tactics to either steal what they cannot create or silence what they do not want to hear,” said FBI Deputy Director David Bowdich.
“Cybercrimes directed by the Chinese government’s intelligence services not only threaten the United States but also every other country that supports fair play, international norms, and the rule of law, and it also seriously undermines China’s desire to become a respected leader in world affairs. The FBI and our international partners will not stand idly by to this threat, and we are committed to holding the Chinese government accountable,” he added.
The US Department of Justice said that the complicated nature of cyber investigations is only exacerbated when the criminal is backed by the resources of a foreign government.
“The indictment charges the defendants with conspiring to steal trade secrets from at least eight known victims, which consisted of technology designs, manufacturing processes, test mechanisms and results, source code, and pharmaceutical chemical structures”, the Department said.
The defendants have each been charged with one count of conspiracy to commit computer fraud, which carries a maximum sentence of five years in prison; one count of conspiracy to commit theft of trade secrets, which carries a maximum sentence of ten years in prison; one count of conspiracy to commit wire fraud, which carries a maximum sentence of 20 years in prison; one count of unauthorized access of a computer, which carries a maximum sentence of five years in prison; and seven counts of aggravated identity theft, which each carries a mandatory sentence of two non-consecutive years in prison.