Officials warn Chinese hackers targeting groups developing coronavirus treatments

Officials warn Chinese hackers targeting groups developing coronavirus treatments
© The Hill illustration/Madeline Monroe

The FBI and the Department of Homeland Security’s cyber agency on Wednesday warned that Chinese government-backed hackers are targeting U.S. organizations developing vaccines and treatments for the COVID-19 virus.

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI said in the joint alert that the agencies hoped to “raise awareness” of threats posed to research groups by Chinese malicious actors. 

“These actors have been observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research,” the agencies warned. “The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options.”

ADVERTISEMENT

The agencies recommended that organizations conducting research into COVID-19 automatically assume they will be a major target of hackers, and that they increase cybersecurity. Tips included using multifactor authorization for accounts and patching vulnerabilities as quickly as possible.

“The FBI and CISA urge all organizations conducting research in these areas to maintain dedicated cybersecurity and insider threat practices to prevent surreptitious review or theft of COVID-19-related material,” the agencies wrote.

The New York Times first reported on the upcoming joint alert earlier this week, describing the malicious individuals involved as “China’s most skilled hackers and spies.”

Some key leaders on Capitol Hill have pushed for action to be taken to push back against Chinese cyberattacks.

Sen. Gary PetersGary Charles PetersGOP votes to give chairman authority to subpoena Obama officials Democratic senator to skip vote on Obama-era subpoenas Comey, Rice, Clapper among GOP senator's targets for subpoenas amid Obama-era probe MORE (Mich.), the top Democrat on the Senate Homeland Security and Governmental Affairs Committee, wrote a letter to President TrumpDonald John TrumpFederal plan to contain Washington protests employs 7,600 personnel: report GOP Rep calls on primary opponent to condemn campaign surrogate's racist video Tennessee court rules all registered voters can obtain mail-in ballots due to COVID-19 MORE on Wednesday expressing concerns around Chinese targeting of groups doing COVID-19 research. 

ADVERTISEMENT

Peters asked that Trump direct both CISA and U.S. Cyber Command to prioritize cybersecurity protections for hospitals and medical research groups. He also asked that “Department of Defense capabilities” be used to respond to state-sponsored hackers, noting that attacks on health care groups “put the lives of Americans who are seeking care at risk.”

“The United States must communicate a strong message to China’s government that this behavior is unacceptable,” Peters wrote. “The Administration should use public pressure and the threat of sanctions and additional indictments to deter future Chinese government attacks against research institutions.”

Rep. Mike RogersMichael (Mike) Dennis RogersBottom line Officials warn Chinese hackers targeting groups developing coronavirus treatments Hillicon Valley: Amazon VP resigns in protest | Republicans eye university ties to China | Support rises for vote by mail MORE (R-Ala.), the ranking member on the House Homeland Security Committee, tied the Chinese hacking to other concerns around China’s response to the COVID-19 crisis. 

“I’ve said it over and over again, there is something deeply suspicious about China’s role in this pandemic,” Rogers said in a statement earlier this week. “Now, China is trying to hack into our systems and to steal our information on COVID-19 vaccines, treatments, and testing. It’s outrageous and it’s corrupt.”

“We must take all steps necessary to protect our intellectual property from getting into the wrong hands, and we must ensure that they have the necessary resources and authorities to do so,” he added. 

ADVERTISEMENT

The new warning was issued weeks after CISA joined the United Kingdom’s National Cyber Security Centre in pushing out a separate warning highlighting cyber threats to health care and essential services groups. The agencies noted that these groups were likely being targeted to steal intellectual property around COVID-19 research. 

The COVID-19 pandemic has led to a spike in cyberattacks on health-related agencies and organizations. 

Hackers have targeted both the World Health Organization and the Department of Health and Human Services (HHS). Last week, Reuters reported that Iranian-linked hackers had targeted Gilead Sciences Inc., a U.S. drug company that makes the antiviral drug remdesivir. This has been found in one study to shorten the recovery time for those suffering from COVID-19.