Last week, authorities from the United States, United Kingdom and Canada accused APT29 (a/k/a Cozy Bear), a well-known hacker group tied to the Russian government, of using malware to exploit security vulnerabilities in order to steal COVID-19 vaccine research from companies in these countries that are working to develop a vaccine. The accusation followed a Federal Bureau of Investigation warning that Chinese hackers were targeting research organizations to gain access to research related to a COVID-19 vaccine, treatments and testing.
Earlier this week, the U.S. Department of Justice (DOJ) announced an indictment against two Chinese nationals believed to be associated with China’s Ministry of State Security for stealing or trying to steal terabytes of data from companies located in eleven countries, including companies located in Massachusetts, Maryland and California that were researching COVID-19 vaccines and antiviral drugs.
According to the DOJ press release, in addition to targeting COVID-19 research facilities, the alleged hackers, Li Xiaoyu and Dong Jiazhi, targeted and successfully hacked “hundreds of victim companies, governments, non-governmental organizations, and individual dissidents, clergy and democratic and human rights activists in the United States and abroad…” The hackers worked for their own personal gain, but also to benefit the Chinese Ministry of State Security “or other Chinese government agencies.”
The victim companies were not identified by name, but were listed as “high tech manufacturing; medical device, civil, and industrial engineering; business, educational and gaming software; solar energy; pharmaceuticals; defense.” The DOJ further stated that “[I]n at least one instance, the hackers sought to extort cryptocurrency from a victim entity, by threatening to release the victim’s stolen source code on the Internet.”
In announcing the indictment, Assistant Attorney General for National Security John C. Demers said, “China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, here to feed the Chinese Communist party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research.”