China targeting COVID-19 research organizations in US through hacking and 'insider threat', says FBI
The FBI and CSI urged all such organizations to maintain "dedicated cybersecurity" and "insider threat practices" to prevent the surreptitious review or theft of COVID-19-related material
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have warned that China is targeting organizations that are conducting COVID-19-related research in the US.
In a press release, the federal organizations announced they were investigating the targeting and compromise of US organizations conducting COVID-19-related research by "cyber actors" and "non-traditional workers" affiliated to the People's Republic of China.
They said they had observed these actors attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with this sensitive research.
"Health care, pharmaceutical, and research sectors working on COVID-19 response should all be aware they are the prime targets of this activity and take the necessary steps to protect their systems," they said in a statement.
"China’s efforts to target these sectors pose a significant threat to our nation’s response to COVID-19. The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options."
The FBI and CSI urged all the organizations conducting research to maintain "dedicated cybersecurity" and "insider threat practices" to prevent the surreptitious review or theft of COVID-19-related material.
They recommended that these organizations assume the press attention would lead to increased interest and cyber activity and they "patch all systems for critical vulnerabilities," and "prioritize timely patching for known vulnerabilities of internet-connected servers and software processing internet data."
They also asked that they "actively scan web applications for unauthorized access, modification, or anomalous activities," "improve credential requirements and require multi-factor authentication," and "identify and suspend access of users exhibiting unusual activity."
John Demers, head of the Justice Department’s national security division, previously spoke of a similar threat from China to the Pittsburgh Post-Gazette.
"China has long engaged in the theft of biomedical research, and covid-19 research is the field’s Holy Grail right now," he said. "The geopolitical significance of being the first to develop a treatment or vaccine means the Chinese will try to use every tool -- both cyber intrusions and insiders -- to get it."
James Lewis, senior vice president and director of the technology policy program at the Center for Strategic & International Studies, a think tank based in Washington, said this activity was prompted by China's desire to build an "alternate narrative" about the coronavirus in which they were "the international good guys in the virus battle."
MEA WorldWide (MEAWW) previously reported that China had been accused of pushing back on and cracking down on coronavirus-related research happening inside its borders in a bid to stop its allies from procuring a cure first.
The news had come after CEO of Gilead Sciences Inc., an American biotechnology company that researches, develops, and commercializes drugs, reported that Beijing had shut down a branch of testing for Remdesivir.
The drug was originally developed as a treatment for Ebola virus disease and Marburg virus infections but is now being studied as a possible post-infection treatment for COVID-19, which is caused by the novel coronavirus.
The trial was reportedly seeing the drug used on patients in "severe condition" in Wuhan but has since been stopped.