The US Department of Homeland Security and Federal Bureau of Investigation (FBI) decided to issue a warning against Chinese hackers and spies who are working to steal America's research data with an aim to win the race of developing vaccines and treatments for the SARS-CoV-2. As per the officials, not only China but several other countries are trying to steal such valuable information on Coronavirus.
This warning comes after Israel accused Iran of mounting an effort in April to cripple water supplies when Israelis were following lockdown measures but there was no evidence to back this claim. However, the New York Times reported that as per private security firms, countries like South Korea and Vietnam have redirected their state-run cybercriminals to focus on gathering virus-related information.
Coronavirus crisis and increasing cyber threat
In a draft of public warning which is expected to be issued in a few days, US officials claimed that China is looking for "valuable intellectual property and public health data through illicit means related to vaccines, treatments and testing." They also mentioned that the state-backed hackers are focused on stealing data from inside academic and private laboratories. It is not yet revealed whether the US is focusing on any particular group of hackers.
However, as per current and former US officials, the decision to accuse China-backed cybercriminals is actually part of a broader strategy which would be similar to US effort to strike Russia, which is currently emerging as an ally of Beijing, and the intelligence group of the country to find out details on Kremlin's interference during 2018 midterm election and to put malware in the Russian power grid as warming for the cyberattacks on the US.
Here it should be noted that officials did not clarify if the US has sent similar shot targeting Chinese hacking groups, particularly for those who are closely tied to China's new Strategic Support Force, similar to the Cyber Command, the Ministry of State Security and other intelligence units.
The warning looks like another effort made by the Trump administration to blame China for its role in handling the Coronavirus pandemic that started in Wuhan city and within months spread across the globe infecting millions of people.
The war between the US and China over Coronavirus
This month, the US Secretary of State Mike Pompeo told media that there was "enormous evidence" which shows that the virus had come from a Chinese lab. Later, during the "The Jack Heath Radio Show" Pompeo said "There's evidence that it came from somewhere in the vicinity of the lab, but that could be wrong. We need to get the answer to that. It matters because we need to know where patient zero came from."
As per the intelligence agencies, they have reached no conclusion on the COVID-19 origin issue, but public evidence indicates a link between the outbreak's origins at a market in Wuhan and China's illegal wildlife trafficking. However, the agencies have claimed that the virus is not human-made, which has been a debatable topic since the outbreak in China. Meanwhile, the US State Department criticised a Chinese twitter campaign to push false narratives about the Coronavirus scenario and how the country tackled the virus.
Christopher Krebs, the director of the Cybersecurity and Infrastructure Security Agency, told the New York Times that "China's long history of bad behavior in cyberspace is well documented, so it shouldn't surprise anyone they are going after the critical organizations involved in the nation's response to the Covid-19 pandemic" and added that the agency would "defend our interests aggressively."
It should be noted that last week, US and UK authorities had issued a joint warning stating that health care agencies, pharmaceutical companies, academia, medical research organizations and local governments are being targeted by foreign cybercriminals, indicating specific countries like Russia, China, Iran and North Korea.
The FBI officials have been visiting US universities and presenting briefings about the vulnerabilities of those organizations from the past few months. As per security experts, there is a noticeable surge of cyberattacks by Chinese hackers seeking a victory in the race to find Coronavirus vaccine or effective treatment.
Not only China, Iranian hackers were also reportedly trying to get inside Gilead Sciences, the developers of promising COVID-19 drug Remdesivir which was recently approved by the Food and Drug Administration for clinical trials. Even South Korean hacking groups targeted World Health Organization and officials in North Korea, Japan and the US, most likely as part of a broad effort to gather intelligence on virus containment and treatment.
Justin Fier, a former national security intelligence analyst who is now the director of cyberintelligence at Darktrace, said: "Everyone is conducting widespread intelligence gathering — on pharmaceutical research, PPE orders, response — to see who is making progress," and added that the frequency of such attacks and the spectrum of targets are "astronomical, off the charts."