Report Says Chinese And Iranian Hackers Seek To Steal Coronavirus Research
In a possible escalation, U.S. accuses China of actions some officials consider attacks on American public health. Report Says Chinese And Iranian Hackers Seek To Steal Coronavirus Research
Chinese hackers are targeting American universities, pharmaceutical and other health-care firms in a bid to steal intellectual property related to coronavirus treatments and vaccines and the intrusions may be jeopardizing progress on medical research, U.S. officials said in an alert Wednesday.
The alert came as U.S. officials charge that China and Iran since at least Jan. 3 have waged cyberattacks against American firms and institutions that are working to find a vaccine for Covid-19, the disease caused by the coronavirus, officials said.
The attacks have raised the prospect among some officials that the efforts could be viewed by the Trump administration as a direct attack on U.S. public health, they said, because the attacks may have hindered vaccine research in some cases.
Such an interpretation would represent an escalation of how the U.S. government views cyberattacks against the country.
In the alert Wednesday, the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency, the cyber wing of the Department of Homeland Security, said that Chinese-affiliated “cyber actors and nontraditional collectors” had been identified attempting to steal intellectual property and public-health data related to research on Covid-19 vaccines, treatments and testing.
The alleged activity posed a significant threat to the U.S. response to the new coronavirus, the alert said. “The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options,” it added.
Wednesday’s alert didn’t identify hacking victims and didn’t explain how officials have arrived at their conclusion of Beijing’s responsibility in coronavirus-related espionage against the U.S. Additional technical information about the hacking operations may be released in the coming days, the alert said.
The alert didn’t mention Iran, but administration officials also have cited intelligence that they said suggests Tehran or its proxies have been targeting some of the same types of facilities.
The administration officials said one technique Iran has favored is so-called password spraying, a relatively unsophisticated hacking technique that attempts to compromise an organization by rapidly guessing common account-login passwords.
Among Iran’s recent targets, according to cybersecurity researchers, was the pharmaceutical company Gilead Sciences Inc., which has produced the antiviral drug remdesivir that was recently given emergency-use authorization by the Food and Drug Administration as a potential Covid-19 treatment.
U.S. officials said the effects of China and Iran’s attacks on efforts to find a vaccine are difficult to quantify, and they declined to provide evidence or to detail the intelligence on which their assessments were based. Intelligence gleaned by the administration in recent weeks formed the basis of the assessments, officials said.
Administration officials said China was the primary adversary conducting cyberattacks amid the coronavirus outbreak, with its attacks more widespread and frequent.
The attacks themselves have been disruptive, undermining the efforts of American research institutions and firms trying to find a vaccine for Covid-19, officials said. It wasn’t clear if the damage to some of the research was intentional, officials said, likening such instances to a house burglar who by cleaning his own fingerprints causes inadvertent damage to the home.
U.S. officials said that even an errant keystroke by a hacker targeting such health-care facilities could irreversibly harm efforts to find a vaccine.
“It is difficult, and sometimes impossible, to know what motivates such malfeasance, but any such activity carries with it the risk of triggering accidental, disruptive effects,” a senior administration official said.
Chinese and Iranian officials didn’t respond to requests for comment. China and Iran historically have denied targeting the U.S. with cyber espionage. Chinese Foreign Ministry spokesman Zhao Lijian said earlier this week that China opposed cyberattacks of all forms and was leading in the research for a Covid-19 vaccine and treatment.
“It is immoral for anyone to engage in rumor-mongering without presenting any evidence,” he said in a briefing Monday.
Amid hostile rhetoric from the Trump administration toward China, some experts and former officials have urged a quieter outreach to Beijing to both condemn the hacking and attempt to urge cooperation on medical research, while acknowledging such an appeal might not be effective.
“In an optimal world, everyone in the scientific community would be cooperating on finding a vaccine,” one former official, Chris Painter, a top cyber diplomat at the State Department during the Obama administration, said. “But we’re not in an optimal world.”
Universities and research institutions have long been of interest to Chinese state-sponsored hackers intent on pilfering biomedical advances and gaining access to classified defense projects and other sensitive information. They are widely viewed as weak points for hackers to target in part because of the collaborative nature of their work.
Entities working on biomedical research “were being targeted long before this crisis arose by the Chinese,” said John Hultquist, the director of intelligence analysis at the U.S.-based cybersecurity firm FireEye.
FireEye has seen evidence that Iran and Russia had targeted U.S. medical research groups during the pandemic, but China may have had a head start, he said.
“China had already recognized the value of these targets,” Mr. Hultquist said. “They are just more invested in targeting them right now. And they’re not alone.”
It is unusual for the U.S. government to formally blame another country for cyber activity so quickly after an attack is identified, given sensitivities around classified intelligence.
The decision to publicly call out China comes amid a global race to find a vaccine to control the coronavirus pandemic. Securing and producing vaccines in mass quantities could take at least 12 to 18 months, top government scientists have said, and reaching that goal first could hold geopolitical implications, as well as helping restore public health and economic stability.
“China has long engaged in the theft of biomedical research, and Covid-19 research is the field’s Holy Grail right now,“ John Demers, assistant attorney general for national security, said Wednesday. ”While its commercial value is of importance, the geopolitical significance of being the first to develop a treatment or vaccine means the Chinese will try to use every tool—both cyber intrusions and insiders—to get it.”
U.S. Says Chinese And,U.S. Says Chinese And,U.S. Says Chinese And,U.S. Says Chinese And,U.S. Says Chinese And,U.S. Says Chinese And,U.S. Says Chinese And,