The indictment did not call the big apple companies, however, authorities said the investigation was triggered when the hackers stormed the Hanford site, a U.S. transparent nut production complex dismantled in eastern Washington.
According to the indictment, Li and Dong stole terabytes of knowledge of the computer world, adding in the United States, Britain, Germany, Australia and Belgium.
U.S. Attorney William Hyslop said “there are many patients in the United States and around the world.”
Li and Dong were “a prolific hacker group station that we investigated,” said FBI Special Agent Raymond Duda, who classified the ads at the agency’s Seattle office.
He said the pair was implicated in the theft of hundreds of millions of dollars in intellectual property.
The document alleges that Li and Dong acted as contractors for the Chinese Minischeck outside of State Security, or MSS, a comparable company of the Central Intelligence Agency.
The MSS, prosecutors said, provided hackers with data on critical software vulnerabilities to penetrate targets and gather information. Targets included protesters from Hong Kong, the Dalai Lama and a Christian non-Christian compatibility organization.
Assistant Attorney General for Homeland Security, John Demers, said at a virtual press conference that the hackers worked for themselves, adding in a case in which Li allegedly tried to extort $15,000 in a victim’s cryptocurrencies.
Demers said China had joined the “shameful club of countries that will provide safe haven to cybercriminals” on display for its high-value asset theft services.
One expert said the prosecution showed the “incredibly h8 value” that governments like China were giving to COVID-like investigations.
“This is a basic threat to all governments circulating around the world and we hope that therapy and vaccine data can be targeted through several cyberespionage sponsors,” said Ben Read, senior analyst at FireEye, a cybersecurity firm.
He noted that the Chinese government had long relied on contractors for its cyberespionage operations.
“The use of these freelancers allows the executive to access the diversity of talent, while providing some denial in the conduct of those operations,” Read said.
The indictment alleged that the hackers operated from 201 to 2020 and recently attempted to borrow the cancer investigation.