Arrow-right Camera

Color Scheme

Subscribe now

COVID-19

Chinese nationals indicted in Eastern Washington on charges of hacking Hanford

An investigation into coordinated attacks by a pair of Chinese hackers that officials believe are now targeting U.S. efforts to treat the novel coronavirus originated at the Hanford nuclear site in Richland.

“If it can occur there, we all must be aware it could occur anywhere,” William Hyslop, U.S. Attorney for Eastern Washington, said at a news conference Tuesday announcing indictments against the Chinese nationals, joined by officials from the U.S. Attorney General’s Office and the FBI.

Li Xiaoyu, 34, and Dong Jiazhi, 33, received assistance from the Chinese government in their hacking efforts dating back at least to 2009, according to the indictment.

Between January and May, the pair were linked by investigators to an attack on firms in Massachusetts, Maryland and California working on COVID-19 vaccines and testing kits.

Assistant Attorney General for National Security John C. Demers said the federal government is not alleging that any information was stolen, only that the hackers – who received assistance from an unnamed official in China’s Ministry of State Security – attempted to steal data.

“We do know that they were looking to obtain it by their computer intrusion activity, but we don’t allege that here,” Demers said.

Still, Demers said, even an attempted hack could delay efforts to combat the virus.

“We are concerned the hack, or even the attempted hack, can slow down research,” he said.

The pair, who are wanted by the FBI, targeted hundreds of private companies and government entities in countries around the world, according to the indictment.

Hyslop said that the alleged theft of intellectual property totaled in the hundreds of millions of dollars.

The discovery in March 2015 of an attempt to download a list of users with administrative privileges at the Hanford site, used in the development of the atomic bomb and for nuclear research during the Cold War, led to an investigation that produced the indictment, handed down by a Spokane grand jury on July 7.

“This was a relatively small intrusion, but nonetheless, a criminal intrusion, and a very important hack,” Hyslop said of the Hanford intrusion.

He noted the hackers made another attempt to intrude on Hanford’s systems in November 2018, a hack thwarted by safety efforts at the site.

Officials could not say what the Chinese hackers were seeking in their attack on the Hanford site, but the attempts were consistent with preliminary efforts made by hackers to access networks, a senior Justice Department official speaking on background said.

Evidence of Chinese government involvement with the hacker’s work was seen in targeting political dissidents in Hong Kong and at least one person involved in the protests at Tienanmen Square.

Officials said it’s the first such criminal case alleging coordination between hackers working privately for individual gain and the Chinese government.

The revelations should give countries pause when making partnerships with China, which the United States has warned is ramping up cyberattacks with the goal of obtaining coronavirus data in violation of international agreements. Those attempts violate a 2015 agreement between Presidents Barack Obama and Xi Jinping calling for an end to theft of intellectual property.

“In this matter, China has now taken its place alongside Russia, Iran and North Korea in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being on-call for the benefit of the state,” Demers said.

The FBI is seeking information about Li and Dong. Assistant Attorney General for National Security John C. Demers said it is not believed they will be traveling anywhere where an arrest would be likely, which is why federal officials decided to unseal the indictment and discuss it publicly Tuesday.

Officials also said they hoped the release of the indictment would alert other U.S. companies and government contractors about attempts to infiltrate U.S. systems.