Go back

US says wave of Chinese cyberattacks targeted universities

Image: Rawpixel, via Shutterstock

Attacks targeted infectious diseases research, according to US Department of Justice

Academic research into deadly diseases was among the targets of hacking attempts that the US Department of Justice has attributed to four individuals it says acted from China with the backing of the Chinese state.

On 19 July, the DoJ unsealed charges it brought in May against four Chinese nationals it alleges worked with the support of the Chinese government to infiltrate computers in the US and worldwide in order to steal commercially valuable information. Three of the four worked for Hainan State Security Department, the DOJ said.

The hacking operation used off-the-shelf and custom malware to infiltrate systems and steal trade secrets and other confidential information between 2011 and 2018, according to the department.

It said the hackers used the popular cloud storage site Dropbox to make the upload of stolen material appear innocuous to staff at target organisations. Dropbox has been approached for comment on the claim.

Disease research targeted

Targets included research institutes and universities, where the DoJ said hackers sought research material relating to Ebola, HIV and Middle East Respiratory Syndrome, which is caused by a novel coronavirus.

The DOJ alleged the hackers worked with staff and academics at unnamed universities in China, and that Chinese researchers helped them pick foreign academics to target and ran a front company.

Apart from the US, the hackers reportedly attacked computers in Austria, Canada, Germany, Norway, South Africa, Switzerland and the United Kingdom, among other countries.

Aside from health research, they allegedly targeted work on aviation, education and biopharmaceuticals. Stolen information included “chemical formulas” and “proprietary genetic-sequencing technology and data”.

Randy Grossman, the acting US attorney for the Southern District of California, where the charges were brought, said the Chinese government had “made a deliberate choice to cheat and steal instead of innovate”, and was “stealing the ideas and intellectual achievements of our nation’s best and brightest”.

Denial from China

A Chinese government representative directed Research Professional News to a statement by a spokesman from the Chinese Ministry of Foreign Affairs.

The spokesman said the US had made “groundless accusations out of thin air” and that the charges were brought “out of political purpose”.

He said China “firmly opposes and combats all forms of cyber attacks” and that the “so-called technical details” released by the US as proof “do not constitute a complete chain of evidence”.

The spokesman claimed the US is “the world’s largest source” of such attacks and that the US was among the top three host countries for systems that control infected computer systems in China.

He said a Chinese cyber security firm had found the US Central Intelligence Agency was behind attacks on systems in China, including those at research institutions, and these have “seriously undermined” China’s national security, economy and critical infrastructure.

“Countries should safeguard cyber security through dialogue and cooperation on the basis of mutual respect, mutual trust and mutual benefit,” he added.

Research Professional News has approached the DoJ and CIA for comment on the Chinese ministry’s claims.