The U.S. government has accused China of hacking COVID-19 research on vaccines and treatments for the virus. The FBI and Department of Homeland Security (DHS) warned in a joint statement that healthcare, pharmaceutical and research organizations are among those being targeted.
Start a Homeland Security degree at American Military University.
“China’s efforts to target these sectors poses a significant threat to our nation’s response to COVID-19,” the FBI and DHS’ Cybersecurity Infrastructure Security Agency (CISA) said in a statement.
“The potential theft of this information jeopardizes the delivery of secure, effective and efficient treatment options,” they said. The FBI and CISA did not confirm any specific compromise but said they will be releasing more details in the coming days.
Why is China targeting the U.S.?
So why is China targeting the U.S.? “The first country to produce successful vaccines and treatments will be seen across the globe in a hugely positive way as saviours from this pandemic,” says Philip Ingram, MBE, a former colonel in British military intelligence. “That will have positive implications on the view of science, research and manufacturing from that country,” he points out.
In addition, he says, stealing coronavirus data could have a favorable economic impact. “Whoever produces the first vaccine will likely make huge amounts of money directly and indirectly through more spin-offs.”
China has a history of stealing intellectual property to advance itself technologically and an element of its state cyber capability is aimed at doing that, says Ingram. “If they developed a vaccine first, it would help save face with the virus having originated in China and the economic benefits speak for themselves.”
As U.S.-China tensions escalate, nation state actors are ramping up cyber-attacks
Ian Thornton-Trump, CISO at Cyjax, thinks the move by the U.S. government is strategic. “It means that the U.S. Government is pushing the ‘China is bad narrative’ hard to distract from the tragic domestic situation.”
The warning comes as nation state cyber-attacks are ramping up amid the COVID-19 pandemic. Earlier in May, The U.K.’s National Cyber Security Centre (NCSC) and CISA warned that nation-state actors were using a simple technique called “password spraying” to target healthcare and medical research organizations.
In April, the FBI said foreign states had hacked into COVID-19 research centers.
While there isn’t a widely available vaccine, nation states will of course be targeting COVID-19 research, whether to disrupt or to steal the data. The most prevalent and well-armed state actors are thought to be China, Russia, Iran and North Korea.
“No one should be under the illusion that China and other nation state actors gang are mounting cyber offensives,” says Thornton-Trump.
During COVID-19, these and others have also been accused of spreading disinformation and using opportunities to steal business IP as more employees work from home.
In addition to the threat from China, a recent US-CERT alert warned there had been an increase in activity from “Hidden Cobra,” the APT name given to North Korean hackers. “So we know they are very much in the game right now,” says Thornton-Trump.
It’s inevitable that there will be more nation state cyber-attacks in the coming days and weeks during the COVID-19 pandemic, against the U.S. and the West. These will come from a number of different countries—not just China.