The Trump administration is calling out the Chinese government over alleged attempts to hack and steal information for developing a coronavirus vaccine.
The FBI and the Cybersecurity and Infrastructure Security Agency said Wednesday that state-sponsored Chinese hackers are targeting US researchers in cyberattacks seeking information on vaccines for COVID-19. The hackers are also looking to steal data related to testing for the coronavirus outbreak, in addition to treatments, according to the agencies.
“These actors have been observed attempting to identify and illicitly obtain valuable intellectual property (IP) and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research,” the joint warning said.
The agencies said they would be releasing more technical details about the hacking attempts “in the coming days.”
Their warning recommended that researchers patch all their systems for critical vulnerabilities and require multifactor authentication for accounts. Companies at risk should also know that more press attention will mean a higher chance of hacking attempts, the warnings said.
The Chinese embassy didn’t respond to a request for comment.
In a statement Thursday, Secretary of State Mike Pompeo also called out the Chinese government for the attempted cyberattacks.
“The PRC’s behavior in cyberspace is an extension of its counterproductive actions throughout the COVID-19 pandemic,” Pompeo said.
Cyberattacks have been on the rise because of COVID-19, with cybercriminals taking advantage of people’s fears about the pandemic. The FBI said it’s received more than 3,600 complaints related to the coronavirus in April, and scams surrounding the disease have stolen more than $12 million from Americans.
Government-backed hackers are using cyberattacks to steal information from other countries, security researchers have found. Cybersecurity firm FireEye said it’s found that state-sponsored hackers from Vietnam had been targeting the Chinese government for information on how it’s been handling the COVID-19 outbreak.
Reuters also reported that hackers linked to Iran had been targeting attacks against Gilead Sciences, the company behind the coronavirus drug remdesivir.
In April, the World Health Organization said it’s seen a fivefold increase in cyberattacks, while on May 5 CISA, which is part of the US Department of Homeland Security, and the United Kingdom’s National Cyber Security Centre issued a joint warning that government-backed hackers were targeting health care organizations.
The targets included pharmaceutical companies and researchers linked to COVID-19 responses, the government officials said.
The US government has called out China’s hackers for other cyberattacks in the past, including the Equifax breach and a “massive theft” from NASA.
The Justice Department has said that more than 90 percent of economic espionage cases involve China, including in medical research. In these cases, countries are looking to hack their way to a cure for COVID-19. Google said it’s found more than a dozen hacking groups backed by governments launching coronavirus-related cyberattacks.
Researchers have noted that a coronavirus vaccine is key to economic recovery from the pandemic, and that without it, models predict hundreds of thousands of deaths from the disease.
“China’s efforts to target these sectors pose a significant threat to our nation’s response to COVID-19,” CISA and the FBI said Wednesday. “This announcement is intended to raise awareness for research institutions and the American public and provide resources and guidance for those who may be targeted.”
Courtesy – Cnet