US agencies have warned that China is attempting to steal vital coronavirus research by hacking US groups studying the disease, in the latest escalation of tensions between Washington and Beijing over the pandemic.
In a warning on Wednesday, the FBI and the Cybersecurity and Infrastructure Security Agency (Cisa) said that they were investigating the “targeting and compromise” of US research groups by the People’s Republic of China and its affiliates, and warned the illicit campaign could jeopardise the delivery of treatments.
“These actors have been observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments, and testing,” the public warning said, although it did not name the organisations targeted or say whether any attacks had been successful.
“Healthcare, pharmaceutical and research sectors working on Covid-19 response should all be aware they are the prime targets of this activity,” it added, urging the groups to boost their protections against outside hacking as well as against so-called insider threats, which includes when internal employees are co-opted into leaking data to foreign intelligence.
The US and China have repeatedly accused each other of failures with regard to the pandemic, at a time when the Trump administration’s already hostile stance against Beijing has led many analysts to characterise the onset of a new type of cold war.
Mike Pompeo, the US secretary of state, has said China failed to share information about the virus and suggested the disease originated in a Chinese virology lab in Wuhan, the city where the first reports of the virus emerged.
The US state department also said last week that China was trying to shape public understanding of the pandemic for its own purposes, arguing Beijing wanted to reshape the global narrative to “look as though it is the leader in the global recovery and not the source of the problem”.
In the Wednesday warning, the US agencies said that they would release “additional technical details” about the alleged hacking of researchers in the coming days.
James Lewis, a cyber security expert at the Center for Strategic and International Studies, a Washington think-tank, said Chinese hackers were still relatively poor at hiding their tracks and that US universities were particularly bad at protecting their networks.
“Chinese espionage is already massive but there are signs they are retargeting from traditional targets on to biomedical targets — the warning is timely but it is probably a little late for some places,” he said. Mr Lewis added that any successful hacks could imperil domestic commercial efforts to develop a vaccine or hand China a propaganda coup if it were to develop the research and then claim credit.
“In an open, trusted relationship, they would just come and ask us,” he said. “But the last couple of years has seen a big uptick in Chinese espionage.”
Separately last month, Cisa and the UK’s National Cyber Security Agency published a general warning that unnamed malicious actors were targeting researchers to steal intellectual property related to combating the coronavirus, using password spraying — a technique that exploits weak passwords.