Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 14 submissions in the queue.
posted by martyb on Wednesday July 22 2020, @08:47PM   Printer-friendly
from the NOW-they-tell-us? dept.

DOJ: Chinese hackers stole "hundreds of millions of dollars" of secrets

Two state-sponsored hackers in China targeted US businesses in a "sophisticated and prolific threat" for more than 10 years, both for financial gain and to steal trade secrets, the Department of Justice said today.

The 11-count indictment (PDF), which was made public today, alleges Li Xiaoyu and Dong Jiazhi worked with China's Ministry of State Security (MSS) and other agencies to hack into "hundreds of victim companies, governments, non-governmental organizations, and individual dissidents, clergy, and democratic and human rights activists in the United States and abroad."

Li and Dong were allegedly infiltrating networks of businesses in a wide array of sectors, including "high tech manufacturing; civil, industrial, and medical device engineering; business, educational, and gaming software development; solar energy; and pharmaceuticals," as well as defense contractors, since at least September 2009. In recent months, prosecutors allege, the two were seeking ways in to "the networks of biotech and other firms publicly known for work on COVID-19 vaccines, treatments, and testing technology" in at least 11 countries, including the US.

The indictment does not name the firms in question, only saying that "on or about January 25 and 27," Li was trying to break into networks at a Maryland biotech firm and a Massachusetts biotech firm, both of which were publicly known by that point to be working on COVID-19 vaccines. Matching up the timelines, the targets seem to have been Novavax, based in Gaithersburg, Maryland, and Moderna, based in Cambridge, Massachusetts.


Original Submission

Related Stories

“Disabling Cyberattacks” Are Hitting Critical US Water Systems, White House Warns 36 comments

https://arstechnica.com/security/2024/03/critical-us-water-systems-face-disabling-cyberattacks-white-house-warns/

The Biden administration on Tuesday warned the nation's governors that drinking water and wastewater utilities in their states are facing "disabling cyberattacks" by hostile foreign nations that are targeting mission-critical plant operations.

"Disabling cyberattacks are striking water and wastewater systems throughout the United States," Jake Sullivan, assistant to the president for National Security Affairs, and Michael S. Regan, administrator of the Environmental Protection Agency, wrote in a letter. "These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities."

[...] The letter extended an invitation for secretaries of each state's governor to attend a meeting to discuss better securing the water sector's critical infrastructure. It also announced that the EPA is forming a Water Sector Cybersecurity Task Force to identify vulnerabilities in water systems. The virtual meeting will take place on Thursday.

"EPA and NSC take these threats very seriously and will continue to partner with state environmental, health, and homeland security leaders to address the pervasive and challenging risk of cyberattacks on water systems," Regan said in a separate statement.

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 5, Insightful) by Anonymous Coward on Wednesday July 22 2020, @09:07PM (7 children)

    by Anonymous Coward on Wednesday July 22 2020, @09:07PM (#1025123)

    > both of which were publicly known by that point to be working on COVID-19 vaccines

    Profit driven medicine is the problem here. This information should be publicly shared so progress is made more quickly instead of each research group having to repeat the same mistakes because of secrecy due to profit motives.

    • (Score: 0) by Anonymous Coward on Wednesday July 22 2020, @09:22PM (6 children)

      by Anonymous Coward on Wednesday July 22 2020, @09:22PM (#1025129)

      Agreed, but for some reason I suspect the groups copying secrets now would not be forthcoming to share their findings back if the information not been secret in the first place.

      • (Score: 0) by Anonymous Coward on Wednesday July 22 2020, @09:25PM (3 children)

        by Anonymous Coward on Wednesday July 22 2020, @09:25PM (#1025131)

        Especially if China already had a vaccine months ago and isn't telling anyone.

        • (Score: 0) by Anonymous Coward on Wednesday July 22 2020, @09:55PM

          by Anonymous Coward on Wednesday July 22 2020, @09:55PM (#1025149)

          When the US liberates the information, back from east asia, there will be a parade.

        • (Score: 0) by Anonymous Coward on Wednesday July 22 2020, @09:56PM (1 child)

          by Anonymous Coward on Wednesday July 22 2020, @09:56PM (#1025151)

          So if I'm following you two correctly, China is stealing vaccine information, its not a big deal because it should be shared anyhow, but they're thief's and they're actually hiding the real vaccine from the world, and the country that steals secrets and makes money doing it isn't doing it this time? I can't wait to see where else you two go with this.

          I think I now understand why this type of thing makes people think that they are critically thinking. Follow me here.

          Working through a hard problem can be taxing on the brain.
          Circular thoughts can be taxing on the brain.
          For those that don't understand where to stop ruminating, it seems they confuse the two feelings for the same thing.
          Therefore, "Me Smart, U Dumb!"?

          • (Score: 1) by khallow on Wednesday July 22 2020, @11:37PM

            by khallow (3766) Subscriber Badge on Wednesday July 22 2020, @11:37PM (#1025197) Journal

            So if I'm following you two correctly, China is stealing vaccine information, its not a big deal because it should be shared anyhow, but they're thief's and they're actually hiding the real vaccine from the world, and the country that steals secrets and makes money doing it isn't doing it this time? I can't wait to see where else you two go with this.

            Three actually. Sounds something like a game of Chinese Whispers.

      • (Score: 1, Interesting) by Anonymous Coward on Thursday July 23 2020, @02:20AM (1 child)

        by Anonymous Coward on Thursday July 23 2020, @02:20AM (#1025274)

        At this point, maybe not. But, early on, before the ridiculous accusations/behavior of the current POTUS, the Chinese released the full genome sequence of the virus to the world, which gave a jump start for all the research that followed.

        • (Score: 0) by Anonymous Coward on Thursday July 23 2020, @02:29PM

          by Anonymous Coward on Thursday July 23 2020, @02:29PM (#1025397)

          or ... and this completly pulled out the famous backside, the us knew there was some sort of "dust" in the blood stream of the general world population and they kept it secret (it's not super deadly and thus obvious)
          the test (for this common dust) was weapon of economics: whenever the world needed a "downer" the test would be pulled from the shelf and it would be proclaimed "that a new super virus" was making the rounds (confirmed by the test).
          maybe the chinese made the existance of this common "dust" public to ward off the carefully timed publication by amerikan side thus throwing the whole carefully planned manouver of "put, call, sell short, buy the world economy when in the toilet" ... in the crappers?
          just ask this question: "is every and each bit in the normal, healthy and average human blood stream (or body) testable? or is there still "stuff" to discover? is the human blood stream like a harddisk where each and every bit is either there or not or is the blood still, like the amazon jungle where new lizards, frogs and blind cave amphibians are discoverable?"
          ofc, just like with covid, the newly discovered animals and plants evolved overnight. one day or one month before it didn't exist ^_^

  • (Score: 2) by Gaaark on Wednesday July 22 2020, @10:12PM

    by Gaaark (41) on Wednesday July 22 2020, @10:12PM (#1025160) Journal

    Go after Microsoft for reparations. You know they'll be good for it: they always stand behind their products.

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
  • (Score: 0) by Anonymous Coward on Wednesday July 22 2020, @10:14PM (9 children)

    by Anonymous Coward on Wednesday July 22 2020, @10:14PM (#1025162)

    The recipe for Colonel Saunders' KFC herbs and spices mix? The secret of how they get the caramel in Caramilk?

    • (Score: 0) by Anonymous Coward on Wednesday July 22 2020, @10:56PM (6 children)

      by Anonymous Coward on Wednesday July 22 2020, @10:56PM (#1025181)

      Colonel is an exposed has-been.

      Coke, on the other hand, still rakes in. Wish they still used coca leaves.

      BTW, coke tasted great before, but it sucks now. Is it the corn syrup? Plastic bottle? Market research that sickly sweetness sells more?

      • (Score: -1, Flamebait) by Anonymous Coward on Wednesday July 22 2020, @11:00PM (3 children)

        by Anonymous Coward on Wednesday July 22 2020, @11:00PM (#1025182)

        The Colonel will rise again when the land is purged of Blacks. #WLM

        • (Score: 2, Insightful) by Anonymous Coward on Wednesday July 22 2020, @11:26PM (2 children)

          by Anonymous Coward on Wednesday July 22 2020, @11:26PM (#1025191)

          Shouldab thought that before "importing" all the blacks, eh.

          • (Score: 0) by Anonymous Coward on Thursday July 23 2020, @02:34AM (1 child)

            by Anonymous Coward on Thursday July 23 2020, @02:34AM (#1025279)

            Yes! Especially considering what we were importing them for!

            I can't blame em for holding a grudge. I would too. You don't do that kind of crap to people then expect to be forgiven.

            TANSTAAFL

            • (Score: 0) by Anonymous Coward on Thursday July 23 2020, @09:08PM

              by Anonymous Coward on Thursday July 23 2020, @09:08PM (#1025546)

              i understand what you mean, but "we" didn't import shit. The "international merchants" imported them on behalf of the top 1-2% richest landowners. Then when slaves were freed, pitted them against the poor whites for cheap labor instead of sending them back on their own dime. #notmydebt

      • (Score: 0) by Anonymous Coward on Thursday July 23 2020, @12:29AM (1 child)

        by Anonymous Coward on Thursday July 23 2020, @12:29AM (#1025226)

        Mexican Coke (uses sugar) still tastes like original Coke.

        • (Score: 0) by Anonymous Coward on Thursday July 23 2020, @01:48AM

          by Anonymous Coward on Thursday July 23 2020, @01:48AM (#1025257)

          Uses /cane/ sugar. Non-diet American coke still has sugar.

    • (Score: 0) by Anonymous Coward on Thursday July 23 2020, @02:23AM (1 child)

      by Anonymous Coward on Thursday July 23 2020, @02:23AM (#1025275)

      Maybe they download a song
      .. And they used the RIAA estimate of what's it worth?

      • (Score: 0) by Anonymous Coward on Thursday July 23 2020, @02:25AM

        by Anonymous Coward on Thursday July 23 2020, @02:25AM (#1025278)

        Whoops... I'd mod myself redundant if I could when I read the very next post

  • (Score: 5, Funny) by shortscreen on Wednesday July 22 2020, @10:55PM

    by shortscreen (2252) on Wednesday July 22 2020, @10:55PM (#1025180) Journal

    Only millions? The poor RIAA had trillions worth of music stolen (;_;)

  • (Score: 2) by legont on Thursday July 23 2020, @12:37AM (1 child)

    by legont (4179) on Thursday July 23 2020, @12:37AM (#1025228)

    Let's take a clear case of evil Russia.

    According to British, Russia is stealing - noxecistent mind you - vaccine from them https://www.theguardian.com/world/2020/jul/17/russian-hackers-steal-coronavirus-vaccine-uk-minister-cyber-attack [theguardian.com]

    According to Bloomberg, Russia has her vaccine since April but withholds it from her own citizens and the world. Only Russian elites have the pleasure. https://www.bloomberg.com/news/articles/2020-07-20/russian-elite-got-experimental-covid-19-vaccine-from-april [bloomberg.com]

    Oh, and I am sure that Moscow's take on this is that Russian elite heroically test the most dangerous substances themselves. They are real heroes of the Motherland and the world.

    --
    "Wealth is the relentless enemy of understanding" - John Kenneth Galbraith.
    • (Score: 1, Interesting) by Anonymous Coward on Thursday July 23 2020, @02:08AM

      by Anonymous Coward on Thursday July 23 2020, @02:08AM (#1025267)

      If only the elites have it then it clearly hasn't been mass tested. Otherwise not only the elites would have it.

      So what you are saying then is that the elites have a non-mass tested vaccine. It's only tested among the few elites.

      I think I'll give it a pass, even if it were offered to me.

      No, in real life, the elites mass test it on everyone else. They don't take version 1.0. They don't even take version 2.0. They wait until version 3.0 comes out before they take it. They want the masses to be the test dummies for them.

  • (Score: 5, Interesting) by Anonymous Coward on Thursday July 23 2020, @02:24AM (1 child)

    by Anonymous Coward on Thursday July 23 2020, @02:24AM (#1025277)

    I am so sick and tired of the 'he copied me,' 'no, she copied me first,' nonsense. These people act like children.

    Yes, everyone copies each other and everyone contributes to innovation. The U.S. has no monopoly on innovation. The Chinese innovates, the Japanese innovates, the EU innovates (Oxford), the U.S. innovates, Canada innovates. And everyone copies each other.

    The idea that these petty patents and fights over who innovates the most and who 'steals' the most are noteworthy is nonsense. Not that all IP is bad but much of it turns out to be needless, expensive, petty, useless, and ends up hindering innovation. Everyone copies from each other and improves upon it and innovation would progress perfectly fine without it. Sure, some innovation may be better off with it but much of it would still progress without IP.

    and stop saying that the Chinese is infringing on all of our patents. The Chinese now have plenty of their own patents and we infringe just as well. The quality of our patents is not any better than the quality of their patents. Most of the patents on both sides are equally as bogus. It's ridiculous that corporations and corporate bought politicians from both countries act like little children over such petty matters. I'm so sick of it.

    and I know I'm going to get comments from all of the pro-IP shills here that will claim that China is 'stealing' all of our innovation. As if somehow the U.S. (with its lack of manufacturing) and all of its useless patent trolls somehow has an inherent monopoly on innovation and the Chinese only know how to 'steal' that which our idiot, well below average intelligence, monolingustic patent trolls that barely speak their own native language (I see them posting their drivel here, on Slashdot, and Techdirt) can come up with. As if anyone seriously sits around and reads these useless and often incoherent patents for ideas to manufacturer.

    • (Score: 0) by Anonymous Coward on Thursday July 23 2020, @09:19PM

      by Anonymous Coward on Thursday July 23 2020, @09:19PM (#1025548)

      i don't have any sympathy for these windows-using companies. You want to support the digital slave trade then act all surprised when you are also the slave? fuck you.

      also these Suited Whores who send the manufacturing jobs overseas then whine when the Chinese government does their fucking job and says "we will let you use our cheap labor, but you must give us the means to make and sell the items ourselves one day"! No one forced you to sell out your own countrymen.

  • (Score: 2) by DeathMonkey on Thursday July 23 2020, @04:12PM (1 child)

    by DeathMonkey (1380) on Thursday July 23 2020, @04:12PM (#1025437) Journal

    Interesting how the "it's impossible to know who hacked what on the internet" crowd go silent when Russia isn't involved.

    • (Score: 2) by DeVilla on Thursday July 23 2020, @08:42PM

      by DeVilla (5354) on Thursday July 23 2020, @08:42PM (#1025530)

      I'm not sure what you mean. I haven't been watching these kind of articles lately myself. It's because I remember for years all the articles claiming Chinese hackers were doing things and people saying you can't know who they really are because they could route connections through anything. I agreed with that. Then the vault 7 leaks showed that theoretical tools for making such a false flag attack were in fact not theoretical.

      Then the Russian hacking story broke and we were suddenly able to know, with certainty, that it was Russian hackers, under Putin's direct orders, at the personal request of Trump, due to the "methods & motives" of the hackers. I've never heard what methods are known to be exclusively Russian. I've never heard how all potential motives (at the time I was capable listing dozens of groups with motives to steal and publish that information) were ruled out.

      But still, if people are asserting this could only be Chinese hackers, baring an actual trail of the stolen goods, it's questionable. I thought that was a given.

  • (Score: 0) by Anonymous Coward on Saturday July 25 2020, @08:54PM (3 children)

    by Anonymous Coward on Saturday July 25 2020, @08:54PM (#1026265)

    ""Hundreds of Millions of Dollars" of Secrets"

    First of all let's not forget that copying is not theft. For the difference see

    https://www.youtube.com/watch?v=m_oZvYiuCnY [youtube.com]

    Firstly let's assume that the information, if it were deleted, is worth hundred of millions. IOW, it cost hundreds of millions of dollars to produce this information. This is debatable, and probably not true, but even if it's true the fact that the Chinese simply copied it does not cost the original owner of the information anything. They still have the information. So they did not lose hundreds of millions of dollars of anything.

    How did it cost them anything for the Chinese to simply make a copy? It would be a huge stretch to say that they somehow lost hundreds of millions of dollars in the form of lost sales or revenue that the Chinese or everyone would have given to us had they not had copies. Were they going to sell this information to the Chinese or to other governments for hundreds of millions? Do they have evidence that anyone would have bought it for that much? Were they going to create a marketable product with this information and sell it but now that the Chinese also has this information they will also make a competing product that they wouldn't have otherwise been able to make and undercut the U.S. in a way that costs hundreds of millions? Do they have any evidence for this very incredible, hard to believe, claim whatsoever? Doubt it.

    Secondly it would even be hard to show that the benefits to the Chinese are worth in the hundreds of millions or even close. How exactly did the Chinese benefit in that amount? Can you show that they would have otherwise had to go through the expense of incurring the costs of obtaining this information themselves manually and that this would have cost them in the hundreds of millions to do the necessary R&D? Can you show that with this information they can now either create a marketable product that they can make hundreds of millions of dollars from? Or that they can sell the information to someone else for hundreds of millions? Doubt it.

    Thirdly even if the Chinese does benefit in the amount of hundreds of millions that doesn't even prove that it costs the U.S. anything. It could still be worth hundreds of millions to the U.S., in the form of how we benefit from it, and to the Chinese also, in the form of how they benefit from it. It goes back to the copying is not theft bit. The fact that they have a copy that can benefit them in the hundreds of millions doesn't mean their benefit costs us anything.

    That's why we should always question these dubious and incredible claims.

    • (Score: 0) by Anonymous Coward on Saturday July 25 2020, @08:58PM

      by Anonymous Coward on Saturday July 25 2020, @08:58PM (#1026268)

      Let's assume that the Chinese does benefit from this information and it helps their economy. Doesn't mean it costs us anything.

    • (Score: 0) by Anonymous Coward on Saturday July 25 2020, @11:50PM (1 child)

      by Anonymous Coward on Saturday July 25 2020, @11:50PM (#1026355)

      So let me continue this conversation.

      "The 11-count indictment (PDF), which was made public today, alleges Li Xiaoyu and Dong Jiazhi worked with China's Ministry of State Security (MSS) and other agencies to hack into "hundreds of victim companies, governments, non-governmental organizations, and individual dissidents, clergy, and democratic and human rights activists in the United States and abroad.""

      "victim companies"

      My government shouldn't really be concerned with wasting my taxpayer money protecting companies. The companies should protect themselves. If they are hacked that's their own fault and their own problem. I don't blame China, I blame the companies for putting their sensitive information on the Internet and not having the proper security to secure it.

      Now if they hacked personal user data that might affect individuals that's another story. Perhaps the government can inform the potentially affected citizens so they can take the steps required to protect themselves from fraud and identity theft and to sue the companies involved for putting their personal information on the Internet and not properly protecting it. If I do business with a company and it puts my personal information on the Internet and doesn't properly protect it and China hacks it I don't blame China. I blame the company that I am doing business with, they are the ones that should be sued by me and perhaps fined by the government.

      "governments"

      Most of the information that they hack from the government should probably be freely and openly available to the public. Governments have a bad habit of hiding everything. So this is no big deal if the Chinese government hacks it. I wish they would make it available to everyone as they probably should.

      Now for the information that is justifiably kept secret for whatever reason I, again, don't blame China. I blame the government(s) for putting such information on the Internet and not properly protecting it. They are to blame. They are the ones wasting our taxpayer money and being negligent and the government officials responsible are the ones that should be punished and lose their positions and the people need to elect officials that will ensure the right people are managing government information. If anything the DOJ should go after the governments that are being negligent with this information if there really is a justifiable reason for such information to be kept secret.

      "non-governmental organizations, and individual dissidents, clergy, and democratic and human rights activists"

      Again, these organizations should be responsible for protecting their own data. It shouldn't be up to the DOJ.

      If it's that these organizations are buying routers from companies that don't put the appropriate security measures in their routers then, if anything, the DOJ should go after the companies selling those routers to fix all the security loopholes. Stop blaming China and appropriate the blame on the correct party. The people making, selling, using, and managing software and hardware with security loopholes are the ones to blame.

      • (Score: 0) by Anonymous Coward on Saturday July 25 2020, @11:56PM

        by Anonymous Coward on Saturday July 25 2020, @11:56PM (#1026359)

        and if the U.S. really is so 'superior' to China that they have to hack us for our supposedly superior information then why is it we can't make anything that they can't hack? Or why aren't we even smart enough not to put such information on the Internet to begin with. Instead of blaming them perhaps we should look within and acknowledge that we aren't that much better than them and look to improve ourselves so that we can make things that aren't so easily hacked. Or simply don't put sensitive information on the Internet.

(1)