British Foreign Secretary Dominic Raab has expressed deep concerns on Wednesday over evidence of Chinese cyberattacks against medical and academic institutions in 11 countries, including the UK.
The U.S. Department of Justice (DOJ) announced on Tuesday that two Chinese hackers had been indicted for stealing millions of dollars worth of trade secrets and other sensitive information, and attempting to steal research on COVID-19, which is caused by the Chinese Communist Party (CCP) virus.
The hackers targeted businesses and government agencies in several countries including the UK, Belgium, Germany, the United States, Australia, and Japan, the DOJ said in the indictment.
“I am deeply concerned by the evidence announced yesterday that China is engaged in malicious cyber attacks against commercial, medical and academic institutions, including those working to respond to the coronavirus pandemic,” said Raab in a statement.
“Our message to governments prepared to enable these activities is clear: the UK will continue to counter those conducting such cyber attacks, and work with our allies to hold perpetrators to account and deter further malicious activity around the world.”
According to the DOJ indictment, Chinese nationals Li Xiaoyu, 34, and Dong Jiazhi, 33, hacked into computer systems of hundreds of victims, including companies, government, and non-governmental organizations, individual dissidents, and human rights activists in the United States and around the world in a decade-long campaign.
Li and Dong, both trained in computer applications technologies, did not hack solely for personal benefit, U.S. prosecutors alleged. They were also working with and assisted by the Chinese Communist Party’s Ministry of State Security (MSS)—the regime’s chief intelligence agency.
The companies Li and Dong targeted were engaged in high-tech manufacturing and other industries such as defense, pharmaceuticals, medical devices, and civil and industrial engineering.
More recently, the pair had been looking for vulnerabilities in the networks of biotech companies that were known for their COVID-19 related research, prosecutors alleged.
The indictment came after repeated warnings from U.S. authorities about Chinese attempts to obtain U.S. research findings through hacking.
U.S. Assistant Attorney General for National Security John C. Demers said in April that U.S. hospitals and research labs were being targeted by Chinese cyber activity.
The FBI warned in May that groups linked to China were attempting to illegally obtain information from organizations conducting research related to COVID-19.
The UK’s National Cyber Security Center (NCSC) and the U.S. Cybersecurity and Infrastructure Security agency (CISA) issued a joint advisory on May 5, exposing malicious cyber campaigns targeting international health-care and medical research organizations involved in the coronavirus response.
At the time, Raab called for an end to cyberattacks by hostile actors who are using the pandemic as an opportunity to carry out malicious cyber activity.
Janita Kan contributed to this report.