Groups linked to China are attempting to illegally obtain information from organizations conducting research related to COVID-19, the FBI warned on Wednesday.
COVID-19 is a new disease caused by the CCP (Chinese Communist Party) virus, which originated in China last year.
The FBI and Cybersecurity and Infrastructure Security Agency (CISA) said that China-affiliated cyber actors and other groups “have been observed attempting to identify and illicitly obtain valuable intellectual property (IP) and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research.”
“The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options,” the agencies said in a joint public service announcement (pdf).
The agencies said all organizations conducting research linked to the new illness should “maintain dedicated cybersecurity and insider threat practices to prevent surreptitious review or theft of” research material.
Organizations conducting such research should assume that media reports about the research will lead to increased interest and cyber activity.
Staff members should patch systems for critical vulnerabilities, making the patching of known vulnerabilities of internet-connected servers and software processing internet data the priorities.
Other recommendations include actively scanning web applications for unauthorized access, modification, or anomalous activities, improving requirements for users logging in, and identifying and suspending access to any users exhibiting unusual activity.
The FBI is responsible, among other responsibilities, for protecting America against foreign intelligence, espionage, and cyber operations; CISA, an office inside the Department of Homeland Security, is responsible for protecting critical infrastructure in the nation from physical and cyber threats.
John Hultquist, senior director of analysis at Mandiant Threat Intelligence, said that analysts have identified cyber espionage at several organizations conducting research on COVID-19.
Russia, Chinese, and Iranian actors have targeted both public and private groups developing therapies for the new illness, he said in an emailed statement.
“We suspect collecting intelligence on COVID-19 has become the number one priority for intelligence services throughout the world and we expect them to aggressively leverage cyber espionage against the public and private sector,” Hultquist said.
Asked about reports of Chinese hackers trying to access information about research into CCP virus vaccines, national security adviser Robert O’Brien told reporters Tuesday: “We know that China has been stealing American intellectual property in the technology sector,” such as genomes and aircraft manufacturing, “for a generation now.”
“It doesn’t surprise me at all that there are open source reports that the Chinese are attempting to use cyber tools to hack our universities and our research facilities. That’s something we take very seriously and we’re watching very closely,” he added.
U.S. Assistant Attorney General for National Security John C. Demers said in a speech last month that it would be “beyond absurd” to think that China wouldn’t attempt to obtain “biomedical research relating to vaccines or treatment for coronavirus,” since the medical information would be of “great importance, not just from a commercial value.”
Chinese officials have denied being involved with cyberattacks against American institutions and claimed they were leading the world in research for a CCP virus vaccine and treatments for COVID-19.
