The U.S. Department of Justice (DOJ) indicted two Chinese nationals for hacking US firms and government institutions to steal sensitive data, including COVID-19 research information. The hackers allegedly operated under the direction of the Chinese government while also hacking companies for personal financial gain.
Li Xiaoyu, 34 years old, and Dong Jiazhi, 33 years old, were trained in computer app technologies and worked as state-backed hackers for over 10 years. According to the DOJ, the hackers were working for the Guangdong State Security Department (GSSD), China’s Ministry of State Security, and other government businesses, besides carrying out their own attacks. They were charged with stealing over a terabyte of intellectual property believed to be worth hundreds of millions of dollars.
The hackers were high profile and carried out advanced attacks on firms in Australia, Belgium, Japan, Germany, Lithuania, the Netherlands, Spain, Sweden, South Korea, the U.S., and the U.K. They attacked companies in industries such as high-tech manufacturing, pharmaceuticals, medical devices, energy, gaming applications, and business. The hackers likewise targeted specific dissidents, democratic and human rights activists, and clergy in the U.S., Hong Kong, and China.
The stolen intellectual property and sensitive information were handed to the Chinese government. In one case, the hackers stole source code from a company and tried to extort money by threatening to publish the source code online if no payment was made. More recently, the hackers switched to targeting firms that develop vaccines, technology, and treatments for COVID-19. The hackers were indicted following an investigation into the cyberattack on the U.S. Department of Energy’s Hanford Site in Eastern Washington.
The hackers exploited unpatched vulnerabilities in leading web server software, web app development suites, and software collaboration applications, and also took advantage of insecure default settings. In several cases, the exploited vulnerabilities were new, so no patches were available to fix the flaws. After gaining access to systems, the hackers deployed malicious web shells such as ‘China Chopper’, which allowed them to alter privileges, steal credentials, and run malicious code. The hackers also hid exfiltrated data by packing it into RAR compressed files and changing the file extensions to .jpg. They additionally altered system timestamps and hid programs and documents in inconspicuous places on the victims’ networks, such as the recycle bins. In many cases, the hackers created backdoors that allowed them to re-enter the victims’ networks and steal more intellectual property and information, often many years after the initial attack.
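A defender can test for the RAR-renamed-to-.jpg disguise described above by comparing each file's extension with its leading bytes. The sweep below is an added example, not code from the indictment or from this article; the function names and the choice to also report whether a hit sits under a Windows recycle-bin directory are assumptions made for illustration.

```python
import os
import sys

# File signatures: RAR 4.x and RAR 5.x archives, and JPEG images.
RAR_MAGICS = (b"Rar!\x1a\x07\x00", b"Rar!\x1a\x07\x01\x00")
JPEG_MAGIC = b"\xff\xd8\xff"
IMAGE_EXTS = {".jpg", ".jpeg"}
# Directory names Windows uses for recycle bins (current and legacy).
RECYCLE_DIRS = {"$recycle.bin", "recycler"}


def classify(header: bytes) -> str:
    """Return the content type implied by a file's leading bytes."""
    if header.startswith(RAR_MAGICS):
        return "rar"
    if header.startswith(JPEG_MAGIC):
        return "jpeg"
    return "unknown"


def find_disguised_archives(root: str) -> list:
    """Walk root and report .jpg/.jpeg files whose content is a RAR archive."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        parts = {p.lower() for p in dirpath.split(os.sep)}
        for name in files:
            if os.path.splitext(name)[1].lower() not in IMAGE_EXTS:
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    header = fh.read(8)
                    size = os.fstat(fh.fileno()).st_size
            except OSError:
                continue  # unreadable file: skip rather than abort the sweep
            if classify(header) == "rar":
                findings.append({
                    "path": path,
                    "size": size,
                    "in_recycle_bin": bool(parts & RECYCLE_DIRS),
                })
    return findings


if __name__ == "__main__":
    for hit in find_disguised_archives(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(hit)
```

A hit is a lead for triage, not proof of exfiltration staging; file size, owner, and creation time help decide which hits to examine first.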
The hackers were charged with carrying out attacks on no fewer than 8 firms and stealing trade secrets related to manufacturing processes and technology designs, along with source code, chemical structures, and test results. The stolen data would allow competitors to gain a considerable market edge and save millions of dollars on research and development expenses, enabling them to produce competing products.
The DOJ submitted an 11-count indictment (detailed below) to a federal grand jury in Spokane. The maximum sentence for the crimes is over 40 years in prison, but it’s unlikely that the hackers will be brought to justice since no extradition arrangement exists between China and the U.S.
- seven counts of aggravated identity theft
- one count of conspiracy to commit fraud
- one count of conspiracy to commit wire fraud
- one count of conspiracy to commit theft of trade secrets
- one count of unauthorized access to a computer
The indictment shows the serious consequences the Chinese MSS and its proxies will face if they keep deploying malicious cyber strategies to steal or to stop what they don’t want. Cybercrimes led by the Chinese government’s intelligence services endanger not just the United States but also other countries that want fair play, global norms, and the rule of law. They likewise significantly undermine China’s aspiration to be a highly regarded leader in international affairs. The FBI and its global partners won’t stay silent about this threat. They are determined to hold the Chinese government accountable.