US accuses China of hacking coronavirus researchers, others

The United States Justice Department indicted two Chinese nationals for hacking defence contractors, COVID-19 researchers and hundreds of other victims worldwide, according to a court filing published on Tuesday.

US authorities said the Chinese nationals, Li Xiaoyu and Dong Jiazhi, participated in a multi-year cyber-espionage campaign that stole weapons designs, drug information, software source code as well as targeting dissidents and Chinese opposition figures.

Contact details for Li and Dong were not immediately available. 

The indictment did not name any companies, but officials said the investigation was triggered when the hackers broke into the Hanford Site, a decommissioned US nuclear production complex in eastern Washington state.

China rejected the allegations on Wednesday, accusing the US of “slander”.

“The Chinese government is a staunch defender of cyber security, and has always opposed and cracked down on cyber attacks and cyber crime in all forms,” foreign ministry spokesman Wang Wenbin told a regular news briefing in the capital, Beijing.

The indictment says Li and Dong stole terabytes of data from computers around the world, including in the US, Britain, Germany, Australia and Belgium.

US Attorney William Hyslop said “there are hundreds and hundreds of victims in the United States and worldwide”.

Li and Dong were “one of the most prolific group of hackers we’ve investigated,” said FBI Special Agent Raymond Duda, who heads the agency’s Seattle field office.

He said the pair was implicated in the theft of hundreds of millions of dollars in intellectual property.

The document alleges that Li and Dong acted as contractors for China’s Ministry of State Security, or MSS, a comparable agency to the US Central Intelligence Agency.

The MSS, prosecutors said, supplied the hackers with information into critical software vulnerabilities to penetrate targets and collect intelligence. Among those targeted were Hong Kong protesters, the office of the Dalai Lama and a Chinese Christian non-profit.

Assistant Attorney General for National Security John Demers said in a virtual news conference that the hackers occasionally worked for themselves, including a case in which Li allegedly tried to extort $15,000 in cryptocurrency from a victim.

Demers said China had joined the “shameful club of nations who provide a haven for cybercriminals” in exchange for their services stealing intellectual property.

One expert said the indictment showed the “extremely high value” that governments such as China placed on COVID-related research.

“It is a fundamental threat to all governments around the world and we expect information relating to treatments and vaccines to be targeted by multiple cyber-espionage sponsors,” said Ben Read, a senior analyst at cybersecurity company FireEye.

He noted that the Chinese government had long relied on contractors for its cyber-spying operations.

“Using these freelancers allows the government to access a wider array of talent, while also providing some deniability in conducting these operations,” Read said.

The indictment alleged the hackers operated from 2014 to 2020 and most recently attempted to steal cancer research.