The Justice Department announced charges Tuesday against two suspected Chinese hackers who allegedly targeted U.S. companies conducting COVID-19 research, part of what the government called long-running efforts to steal American trade secrets and intellectual property.
The 11-count indictment accuses the defendants, Li Xiaoyu and Dong Jiazhi, of conducting a hacking campaign that has targeted companies, nongovernmental organizations as well as Chinese dissidents and clergy in the United States and around the world.
Prosecutors said Li and Dong's efforts, which began as early as 2009 and are still going on, stole intellectual property and trade secrets worth hundreds of millions of dollars.
Most recently, prosecutors said, the men targeted U.S. companies doing research on treatment and vaccines for COVID-19. The indictment did not say whether the men managed to steal any of that research or data.
According to the indictment, Li and Dong waged the cyber-campaign for their own personal financial gain — but also at times on behalf of the Chinese Ministry of State Security. Prosecutors allege the men worked with a green light from the MSS and also received assistance from an MSS officer.
"China has now taken its place — alongside Russia, Iran and North Korea — in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being 'on call' to work for the benefit of the state," said Assistant Attorney General John Demers, who leads the Justice Department's National Security Division.
"Here," Demers continued, the goal was "to feed the Chinese Communist Party's insatiable hunger for American and other non-Chinese companies' hard-earned intellectual property, including COVID-19 research."
Demers said it's the first time the U.S. has brought charges against suspected Chinese private-sector hackers who also work at the behest of the state.
Scale of the alleged theft
Among the information Li and Dong allegedly stole for the MSS, the indictment said, was material on military satellite programs, wireless networks and communication systems, high-powered microwave and laser systems as well as a counter-chemical weapons system.
The indictment included a list of 25 unnamed companies that were alleged victims, including a Texas engineering and technology firm, a Massachusetts software company and a Virginia defense contractor.
Li and Dong also allegedly provided China's MSS with personal data on selected targets, such as passwords for email accounts of Chinese dissidents, including a Hong Kong community organizer and a former Tiananmen Square protester.
U.S. turns up the volume
The charges are the latest in what has become a steady drip of indictments against suspected Chinese hackers for allegedly stealing U.S. trade secrets.
The cyberattacks are part of what American officials describe as a relentless campaign of economic espionage waged by the Chinese state that aims to plunder U.S. companies of their intellectual property.
"China steals intellectual property and research, which bolsters its economy, and then they use that illicit gain as a weapon to silence any country that would dare challenge their illegal actions," FBI Deputy Director David Bowdich said Tuesday. "This type of economic coercion is not what we expect from a trusted world leader. It is what we expect for an organized criminal syndicate."
It's part of a broader effort by China, American officials said, to replace the United States as the world's preeminent superpower — a message that Attorney General William Barr and other senior Trump administration officials have sought to drive home in recent speeches on Sino-American relations.
As with many suspected Chinese hackers who face charges in the U.S., neither Li nor Dong are in custody and are unlikely to be arrested anytime soon or face trial. Both men, officials said, are believed to be in China.
But Justice Department officials said bringing charges is an important deterrent and also helps make China's criminal conduct clear to the rest of the world.