US indicts Chinese hackers over alleged theft of COVID-19 vaccine data and state secrets

The United States Justice Department indicted two Chinese nationals over their apparent role in a decade-long cyber espionage campaign targeting defense intelligence, COVID-19 vaccine information and other state secrets.

The indictment was filed by the Justice Department against the suspects, Li Xiaoyu, 34, and Dong Jiazhi, 33, on July 7, and released to the public on Tuesday.

Li and Dong were accused of running covert cyber operations since 2009 and charged with 11 counts of fraud, identity theft and stealing confidential state intelligence, such as drug trial information, weapon designs, software codes and personal data of targeted persons.

FBI Special Agent Raymond Duda called the pair “one of the most prolific group of hackers we’ve investigated.”

Acting solo or for the CCP?

According to a statement released by the Justice Department, the defendants acted at times for their own personal benefit and at other times on behalf of China’s Ministry of State Secrets (MSS), an agency that fulfills a similar role to the US National Security Agency (NSA) and Central Intelligence Agency (CIA).

Ben Read, a senior analyst at cybersecurity company FireEye, said that the Chinese government had a tendency to employ external contractors for its cyberspying operations.

“Using these freelancers allows the government to access a wider array of talent, while also providing some deniability in conducting these operations,” he said.

Prosecutors suspect that the MSS supplied the hackers with information about critical software vulnerabilities and directed them to collect intelligence on opposition figures, including Hong Kong human rights activists, the office of the Dalai Lama and a Chinese Christian nonprofit.

While US officials did not publish the details of specific victims, lawyers involved in the case confirmed they targeted “hundreds and hundreds of victims in the United States and worldwide” across industries including engineering, software development and pharmaceuticals. Their actions are said to have caused companies to lose hundreds of millions of dollars of intellectual property.

Most recently, the two men were involved in finding “vulnerabilities in the networks of biotech and other firms publicly known for work on COVID-19 vaccines, treatments and testing technology.” US officials did not confirm or deny whether the hacker’s attempts were successful, but still expressed concerns that cyberattacks could slow down vaccine development efforts or allow the data to be manipulated.

“You can see by the variety of the hacks that they did how they were being directed by the government,” said John Demers, the assistant attorney general for national security at a news conference.

“Extorting someone for cryptocurrency is not something that the government is usually interested in, nor are criminal hackers usually interested in human rights activists and clergymen.”

However, Li and Dong are unlikely to be brought to trial since the US and China do not have an extradition agreement.

Demers said these hacking attempts indicated China, “is willing to turn a blind eye to prolific criminal hackers operating within its borders.

“In this manner, China has now taken its place, alongside Russia, Iran, and North Korea, in that shameful club of nations that provides safe haven for cybercriminals in exchange for those criminals being ‘on call’ for the benefit of the state,” he went on to say, condemning their attempts to “feed the Chinese Communist Party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research.”

No comment from China

The Chinese embassy in Washington refrained from commenting on the issue when questioned about the indictment on Tuesday, choosing instead to refer to Foreign Ministry spokeswoman Hua Chunying’s response to earlier hacking accusations from July 17.

“Some US politicians seem to be alleging that China is waging cyberattacks to steal US research on COVID-19 vaccines. It’s just absurd,” she said. “We are already leading the world in vaccine R&D with top researchers. We don’t need to secure an edge by theft.”

Hua defended China against “groundless speculations” from the US, stating that China is a “staunch defender of cybersecurity” and “firmly oppose and fight all forms of cyber attacks and thefts.”

She also pointed to the hypocrisy of the US allegations, citing a report by Yahoo News that claimed US President Donald Trump had issued a secret order in 2018 authorizing the CIA to conduct covert cyber operations against China, Iran, Russia and other political rivals.

The charges against Li and Dong come amid intensifying anti-China rhetoric by the Trump Administration as bilateral ties continue to worsen over issues such as human rights abuses in Hong Kong and Xinjiang, trade and security.

Last week, the US also accused Russia of trying to steal information on vaccine development trials, prompting many to call for more stringent cybersecurity measures.

“We need a comprehensive strategy to deter the serial theft of strategic U.S. secrets,” said Democrat Senator Chris Van Hollen. “It is not enough to have these one-off indictments. We need to make it clear upfront that there will be a very high price to pay for foreign actors that attempt to steal important trade secrets.”

Mr. Van Hollen also joined forces with Republican Senator Ben Sasse to propose a bill sanctioning foreign entities that attempt to steal American data and intellectual property.

“This indictment reveals yet again that Chairman Xi leads an army of hackers that steal and attempt to steal — every single day, in almost every country and industry,” said Sasse, referring to Chinese President Xi Jinping.

Have a tip or story? Get in touch with our reporters at tips@themilsource.com