U.S. authorities said Tuesday they have indicted two Chinese hackers suspected of stealing hundreds of millions of dollars' worth of trade secrets and other valuable information from companies worldwide, and also targeting firms developing vaccines for the coronavirus.
The two individuals -- Li Xiaoyu, 34, and Dong Jiazhi, 33 -- have allegedly worked with the Chinese Ministry of State Security in what the U.S. Justice Department called a "sweeping global computer intrusion campaign" against companies including those located in Australia, Britain, Germany, Japan and South Korea.
The latest indictment is different from past hacking cases in that U.S. authorities have not just indicted the hackers for their criminal activity but also for their activities on behalf of the Chinese government, Assistant Attorney General for National Security John Demers said.
"It is the first time that we're announcing charges that present what we call this blended threat of criminal hackers -- also doing state-sponsored activities and being allowed to do their criminal activities and profit off those criminal activities by the state," he said at a press conference.
He also criticized China for taking "its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being 'on call' for the benefit of the state, here to feed the Chinese Communist Party's appetite for American and other non-Chinese companies' hard-earned intellectual property."
According to the indictment, the two defendants, former classmates at an electrical engineering college in Chengdu, China, have for years gained unauthorized access to computers around the world and stolen terabytes of data.
Li and Dong have in some instances committed theft of business and other information for their own profit, but they have also stolen material of obvious interest to the Chinese Ministry of State Security, such as information regarding military satellite programs and high-powered microwave and laser systems.
The two also allegedly gave the ministry the passwords for personal email accounts belonging to a Hong Kong community organizer as well as a Chinese dissident and former Tiananmen Square protester. Emails between the dissident and the office of the Dalai Lama, Tibet's exiled spiritual leader, have also been stolen.
As for the Japan-linked intrusion incidents, the indictment alleged that a mechanical engineering company operating in the United States and Japan suffered the theft of a total of 1.2 terabytes of proprietary and sensitive data, including specifications for high-efficiency gas turbines in 2018 and March 2020.
A U.S. subsidiary of a Japanese medical device and supplies company also had testing data and manufacturing plans for internal medical devices stolen, the indictment said.
Most recently, the defendants have gone after vulnerabilities in the networks of biotech and other firms in the United States known for work on coronavirus vaccines, treatments and testing technology, the authorities said.
