Chinese Cyber criminals targeted Covid-19 research, says US

Two Chinese nationals have been indicted for seeking to steal COVID-19 vaccine research and hacking hundreds of companies in the United States and abroad, including defense contractors, the US Justice Department has said. Li Xiaoyu, 34, and Dong Jiazhi, 33, also targeted human rights activists in the United States, China and Hong Kong, Assistant Attorney General John Demers said. The indictment comes amid rising tensions between the global superpowers fueled by the coronavirus pandemic which President Donald Trump blames on China.

Li and Dong, who are believed to be in China, acted in some instances “for their own personal gain” and in others for the benefit of China’s Ministry of State Security, Demers said at a news conference. “China has now taken its place, alongside Russia, Iran, and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals,” Demers said. The Justice Department said Li and Dong, who were classmates at an electrical engineering college in Chengdu, have been engaged in a computer hacking campaign for the past 10 years.

They have targeted companies in the United States, Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, Spain, South Korea, Sweden, and Britain, it said. “Targeted industries included, among others, high tech manufacturing; medical device, civil, and industrial engineering; business, educational, and gaming software; solar energy; pharmaceuticals; defense,” it said.

The Justice Department said they also targeted “non-governmental organizations, and individual dissidents, clergy, and democratic and human rights activists in the United States and abroad, including Hong Kong and China.” According to the indictment, Li and Dong supplied the Ministry of State Security with passwords for personal email accounts belonging to Chinese dissidents, a Hong Kong community organizer, the pastor of a Christian church in Xian and a former Tiananmen Square protester.

Targeted foreign companies were not identified by name. But according to the indictment they included a Dutch electronics firm, a Swedish gaming company, a Lithuanian gaming company, a German software engineering firm, a Belgian engineering software company, an Australian defense contractor, a South Korean shipbuilding firm, a Spanish electronics and defense firm and a British artificial intelligence and cancer research company.