Today, the US Justice Department charged two Chinese hackers with targeting US COVID-19 research. The charges were part of an 11-count indictment that alleges the two individuals conducted a global hacking campaign that went on for more than 10 years. Most recently, the hackers probed for vulnerabilities in the computer networks of a Massachusetts biotech firm conducting COVID-19 vaccine, testing and treatment research.
This isn’t a total surprise. In April, CNN reported an uptick in cyberattacks at the Department of Health and Human Services, which manages the CDC. Officials said China-based hackers were to blame. In May, the FBI warned that China-backed hackers were attempting to steal COVID-19 research from US organizations. In July, intelligence officials said Russian hackers targeted healthcare organizations Canada, the UK and the US. Today’s charges are believed to be the first to officially accuse foreign hackers of targeting coronavirus research in the US, AP reports.
According to the indictment, the hackers were working both for the Chinese government’s Ministry of State Security and for their own personal gain. At the moment, there’s no indication that they obtained any COVID-19 research.
“China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, here to feed the Chinese Communist party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research,” John C. Demers, assistant attorney general for national security, said in a statement.
In addition to targeting COVID-19 research, the cyberattacks allegedly targeted robotics, aircraft and marine engineering, clean energy engineering, biotechnology, non-governmental organizations and human rights activists. According to the Justice Department, the hackers stole trade secrets, technologies, data and personal information from the computer systems of businesses, individuals and agencies throughout the world.