U.S. officials are set to issue a warning that hackers in China are attempting to steal American vaccine and treatment research, reports The New York Times.
The hackers are angling for an advantage in pandemic research by illicitly obtaining public health data related to vaccines, treatments, and testing–part of what The Times called a “surge in cybertheft and attacks” around the world.
As The Crime Report revealed recently, Iranian hackers have joined China and Russia in efforts to spread disinformation about the pandemic.
A draft of the forthcoming public warning from the U.S. says China is focusing on gaining information on vaccines.
The warning focuses on cybertheft and action by “nontraditional actors,” a euphemism for researchers and students the Trump administration says are being activated to steal data from inside academic and private laboratories.
The State Department last week described a Twitter campaign launched by Chinese operatives to “push false narratives and propaganda about the virus.”
“China’s long history of bad behavior in cyberspace is well documented, so it shouldn’t surprise anyone they are going after the critical organizations involved in the nation’s response to the Covid-19 pandemic,” said Christopher Krebs, the director of the Cybersecurity and Infrastructure Security Agency.
Krebs added that the agency would “defend our interests aggressively.”
In another development, hackers linked to Iran reportedly have targeted staff at the drug maker Gilead Sciences in recent weeks, as the company races to develop a treatment for COVID-19.
In one case, a fake email login page designed to steal passwords was sent to a Gilead executive involved in legal and corporate affairs, according to an archived version on a website used to scan for malicious web addresses. It’s unclear if the attack was successful.
Last week, the United States and Britain issued a joint warning that “health care bodies, pharmaceutical companies, academia, medical research organizations, and local governments” had been targeted.
While it named no specific countries — or targets — the wording was the kind used to describe the most active cyber-operators: Russia, China, Iran, and North Korea, said The New York Times.