Along with companies in the U.S., Li Xiaoyu, 34, and Dong Jiazhi, 33, “conducted a hacking campaign lasting more than 10 years to the present, targeting companies in countries with high technology industries -- Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, Spain, South Korea, Sweden, and the United Kingdom,” according to the indictment.
Both men were allegedly trained in computer applications technologies at the same Chinese university and were focused on targeting industries included, among others, “high tech manufacturing; medical device, civil, and industrial engineering; business, educational, and gaming software; solar energy; pharmaceuticals; defense.”
The indictment charges the defendants with “conspiring to steal trade secrets from at least eight known victims, which consisted of technology designs, manufacturing processes, test mechanisms and results, source code, and pharmaceutical chemical structures.”
Data they would collect were of great value for competitors, providing them an insight into proprietary business plans and savings on research and development costs in creating competing products.
The defendants “frequently returned to re-victimize companies, government entities, and organizations” from which they had previously stolen data, in some cases years after the initial successful data theft.
The indictment also alleged that in at least one instance, the two men sought to extort cryptocurrency from a victim, by threatening to release the victim’s stolen source code on the Internet.
The cybercrime was first discovered on computers of the Department of Energy’s Hanford Site in Eastern Washington, according to William D. Hyslop, U.S. Attorney for the Eastern District of Washington.
“The hackers operated from China both for their own gain and with the assistance and for the benefit of the Chinese government’s Ministry of State Security,” he said.
“China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, here to feed the Chinese Communist party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research,” Assistant Attorney General for National Security, John C. Demers, said.
Following the indictment, the FBI issued a warrant against Li Xiaoyu and Dong Jiazhi.
FBI Deputy Director, David Bowdich, warned that the two hackers have been “directed by the Chinese intelligence services,” to target companies and laboratories in countries around the world.
“China uses its economic influence to pressure those countries not to publicly expose or challenge their illegal actions,” he said and added that China steals intellectual property and research, which bolsters its economy.
Bowdich explained that Chinese authorities then use that illicit gain as “a weapon to silence any country that would dare challenge their illegal actions.”
“This type of economic coercion is not what we expect from a trusted world leader. It’s what we expect from an organized criminal syndicate,” he said.