A week after the US Justice Department indicted two Chinese nationals it accused of attempting to spy on the research of multiple US-based targets including a “Massachusetts-based” company researching a vaccine for the coronavirus, Reuters confirmed with a US security official that this company was Moderna—whose mRNA vaccine made the news recently for showing promise against the novel coronavirus in nonhuman trials.
China on Friday denied these reports, saying the accusations were baseless and without evidence. “China does not need to and does not engage in technology theft,” foreign ministry spokesman Wang Wenbin said at a news briefing.
The US has repeatedly accused China of “economic espionage”, with cyber-attacks attributed as having originated from China blamed for stealing millions of dollars worth of research according to the Justice Department indictment.
The DoJ had indicted Li Xiaoui and Dong Jiazhi, accusing them of stealing millions of dollars worth of “trade secrets, intellectual property, and other valuable business information”. The indict added that the hackers worked for the Chinese Ministry of State Security and that they targeted companies in the US, Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, South Korea, Spain, Sweden and the UK.
The 11-count indictment added that the attacks were not restricted to vaccine research and were conducted against defence contractors as well as human rights advocates and activists. The hackers only recently “probed for vulnerabilities” in computer networks of companies developing COVID-19 vaccines, testing technology and treatments.
In March, cybersecurity firm FireEye—which had published numerous reports detailing activities by “Advanced Persistent Threats” (APTs) linked with China that conducted economic espionage—had released a report detailing one of the broadest such campaigns observed yet at the time.
The report stated that between January 20 and March 11, “Chinese actor APT-41” targeted vulnerabilities in Cisco routers and Citrix networking products, in an attack that targeted countries including Australia, Canada, Denmark, Finland, France, India, Italy, Japan, Malaysia, Mexico, Philippines, Poland, Qatar, Saudi Arabia, Singapore, Sweden, Switzerland, UAE, UK and the USA, in industries ranging from banking and finance to construction, defence, healthcare, education, media, oil and gas, telecom, and others.