The FBI and the Cybersecurity and Infrastructure Agency on Wednesday said they were probing attempts by Chinese government-aided hackers and others to target U.S. organizations conducting research on vaccines, treatments, and testing related to the COVID-19 pandemic.
“These actors have been observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research,” the FBI and CISA, which is part of the Department of Homeland Security, said in the statement. “The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options.”
The agencies warned that all U.S. institutions engaged in the work on COVID-19 should assume they’re being targeted by foreign hackers looking to take valuable information.
“China’s efforts to target these sectors pose a significant threat to our nation’s response to COVID-19,” CISA said in an email. “This announcement is intended to raise awareness for research institutions and the American public and provide resources and guidance for those who may be targeted.”
Last week CISA and the United Kingdom's National Cyber Security Centre issued a similar alert that an "advanced persistent threat actor," typically a nation-state, was targeting national and international healthcare organizations, pharmaceutical companies, academia, medical research groups, and local governments.
CISA on Wednesday said organizations working on COVID-19 should fix vulnerabilities in their computer networks, scan applications for unauthorized access, and use multi-factor authentication to provide access to networks.
The United States has routinely raised alarms about Chinese cyberattacks and cyber spying operations intended to steal valuable intellectual property from U.S. and other international companies. The Justice Department has identified and brought charges against multiple Chinese officials involved in hacking and espionage. The United States has alleged that Chinese government hackers have stolen intellectual property related to aeronautics and energy sectors.
The Trump administration in 2018 created a special China Initiative at the Justice Department intended to focus the department’s resources and prosecutorial power on finding and exposing Beijing’s efforts. The department has brought several cases against Chinese companies, indicted Chinese intelligence officers and in one instance managed to extradite a Chinese intelligence officer to the United States for prosecution. The cases involved theft of self-driving car technologies, aviation equipment know-how, and manufacturing designs for a computer memory chip.
A top Chinese official named Yanjun Xu, who also goes by the name Qu Hui, was arrested and sent to the United States in 2018 while he was traveling through Belgium. He’s a deputy director at China’s Ministry of State Security, a civilian intelligence agency that conducts counter-intelligence as well as espionage domestically and abroad, according to the Justice Department.