Chinese Nationals Li Xiaoyu (above), 34, and Dong Jiazhi, 31, allegedly stole information from an Australian defence contractor
A hacking duo accused of being ‘on call’ for the Chinese government accessed top secret Australian defence files, US officials claim.
The men have been indicted in the US for allegedly targeting an Australian defence contractor and solar energy engineering company.
Li Xiaoyu, 34, and Dong Jiazhi, 33, are accused of stealing 320 gigabytes of documents, source code, engineering schematics and technical manuals from the contractor.
The pair are reportedly linked to China‘s top secret Ministry of State Security have been indicted
Li and Dong also conducted surveillance on US biotech firms working on COVID-19 vaccines and businesses in the UK, Japan, Belgium, Germany, Sweden, Lithuania, the Netherlands, Spain and South Korea, according to US prosecutors.
The FBI released wanted posters (pictured)m for the two men on Tuesday after the hacking campaign was revealed
The hacking allegations against the Australian defence contractor, solar engineering company and other firms, governments and individuals are contained in a 27-page federal grand jury indictment.
The 11-count indictment alleges their hacking campaign lasted more than ten years and involved terabytes of data.
They stole ‘hundreds of millions of dollars’ in trade secrets and intellectual property from companies and targeted individual dissidents, clergy, and democratic and human rights activists in Hong Kong, China and other parts of the world.
The identities of the Australian defence contractor and solar business were not disclosed in the indictment.
They are referred to as ‘Victim 21’ and ‘Victim 23’ respectively.
The hacking allegations come amid growing tensions with China (pictured, Prime Minister Scott Morrison pictured with Chinese President Xi Jinping in 2019)
The defence contractor was allegedly hacked on April 18 last year and the solar business earlier in January this year.
Li and Dong allegedly placed malicious China Chopper web shell programs and credential-stealing software on victim networks, allowing a remote operator to execute commands on victim computers.
‘On or about January 28, 2020, Li accessed Victim 23’s network via a China Chopper web shell,’ the indictment reads.
‘Li then executed commands on Victim 23’s network that enabled him to view reconnaissance information such as directory contents and user privileges.’
The hackers allegedly gained access to victim networks by exploiting publicly known software vulnerabilities in popular web server software, web application development suites, and software collaboration programs.
They are understood to have broken in before the vulnerabilities were found and fixed.
‘(They) stole approximately 320 gigabytes of documents including, among other things, source code for (the company’s) products, engineering schematics and technical manuals,’ the DOJ’s indictment revealed.
It is not clear what defence information was stolen from Australia.
But it did include topics on military satellite programs, military communications systems, microwave and laser systems, counter-chemical weapons systems and ship-to-helicopter integration systems.
‘The hackers stole terabytes of data which comprised a sophisticated and prolific threat to U.S. networks,’ Assistant Attorney General for National Security John Demers (pictured) said during a press conference
‘These intrusions are yet another example of China’s brazen willingness to engage in theft through computer intrusions contrary to their international commitments,’ US Assistant Attorney General John Demers told reporters in Washington DC on Tuesday.
Li and Dong, both nationals and residents of China, were classmates at an electrical engineering college in Chengdu, China.
The FBI released wanted posters for the two men on Tuesday.
The defendants acted for personal financial gain in some circumstances, and in other attacks for the benefit of the MSS and other Chinese government agencies, prosecutors said.
Li and Dong face charges including conspiracy to commit computer fraud, conspiracy to commit theft of trade secrets and aggravated identity theft.
The news comes as Mr Morrison confirmed he and China’s President Xi Jinping have not spoken in more than a year.
Mr Morrison told the ABC he last spoke to the leader of Australia’s biggest trade partner at the G20 summit in Japan in June last year.
People’s Liberation Army soldiers march next to the entrance to the Forbidden City during a ceremony on May 22 (pictured)
He insisted the relationship was important, despite the lack of communication at a tense time between the two countries, but he suggested Australia would not compromise.
‘The relationship is important and we have no intention of injuring it, but nor do we intend to do things that are contrary to our interests,’ Mr Morrison told the ABC’s 7.30 program on Tuesday.
Trade Minister Simon Birmingham has spent months unsuccessfully trying to get a response from his Chinese counterpart after Beijing imposed hefty tariffs on Australian exports.
Relations with China have become fraught since Australia pushed for a World Health Organisation investigation into the origins of the coronavirus.
An Australian government probe is being led into TikTok – echoing calls from US President Donald Trump to ban the social media platform after claims it shares data with China
China has placed an 80 per cent tariff on Australian barley, blocked beef imports, and warned tourists and students not to travel to Australia because they claim it’s unsafe and racist.
This month, China accused Australia of interfering in its affairs after Canberra offered safe haven to Hong Kong residents and strengthened travel warnings.
In the most recent development China accused the Australian government of becoming a ‘US puppet’ and warned Mr Morrison he would be ‘shooting himself in the foot’ if he bans TikTok.
Mr Morrison said on Friday the government would be monitoring the popular video platform amid fears the company is sharing Australian users’ personal information with Beijing.
TikTok is a Chinese social media app where users can live stream, create short videos and music videos and Gifs with a host of functions. Pictured: A video shared by soldiers