The Justice Department on Monday Monday announced the unsealing of an indictment charging four Chinese nationals with a years-long effort to hack into computer systems of dozens of companies, universities and governments in the U.S. and at least 11 other countries.
Ding Xaioyang, Cheng Qingmin, Zhu Yunmin, and Wu Shurong had one goal, according to court documents: install malware on protected computers and steal the data on the computers.
The indictment alleges that the HSSD created a front company to “identify and recruit talented computer hackers to penetrate foreign entities (including foreign universities) and steal trade secrets, proprietary data and to recruit talented linguists to interpret the stolen material.”
Prosecutors allege that the scheme went on from July 2009 to September 2018, targeting various research universities in the United States, including the National Institutes of Health, and primarily used a phishing technique to gain access to companies and institutions data.
The Justice Department alleges that the hackers targeted infectious-disease research related to Ebola, MERS, HIV/AIDS, Marburg and tularemia.
“These criminal charges once again highlight that China continues to use cyber-enabled attacks to steal what other countries make, in flagrant disregard of its bilateral and multilateral commitments,” said Deputy Attorney General Lisa Monaco. “The breadth and duration of China’s hacking campaigns, including these efforts targeting a dozen countries across sectors ranging from healthcare and biomedical research to aviation and defense, remind us that no country or industry is safe. Today’s international condemnation shows that the world wants fair rules, where countries invest in innovation, not theft.”
The indictment comes on the heels of the Biden administration, several allies and partners and NATO are joining forces to “expose and criticize” China for a “pattern of malicious cyber activities,” announcing on Monday that the PRC is profiting off some of the cyberattacks they’ve supported, and officially saying they were behind the Microsoft Exchange server breach in March, according to senior administration officials.