US to Accuse China of Hacking
COVID-19 Vaccine Research
May 12, 2020
For months, U.S. officials have been warning about a spike in
cyberattacks during the coronavirus pandemic, but they’ve stopped short
of pointing fingers at any one country.
Now, as the all-out global race for a coronavirus vaccine accelerates
and hackers home in on related scientific research, U.S. officials are
preparing to single out a long-standing cyber adversary: China.
In a joint warning slated for the coming days, the FBI and the
Department of Homeland Security reportedly plan to publicly accuse China
of seeking to pilfer U.S. research related to coronavirus vaccines,
treatments and tests.
Tab Bradshaw, CEO of Redpoint Cybersecurity and a member of the
Department of Homeland Security’s advanced information sharing working
group, confirmed the planned warning in an interview Monday.
“I think it’s what should be happening,” Bradshaw told VOA. “It’s a
political move to call out the Chinese Communist government and to state
to the world that they’re actively trying to steal U.S. technology.”
The FBI did not have a comment. DHS did not respond to a request for
The U.S. has long branded China along with Russia, North Korea and Iran
as a major source of cyberattacks, accusing Beijing of pilfering U.S.
intellectual property in a bid to gain a competitive edge over the
“What else is new with China? Tell me,” President Donald Trump said
during a White House press briefing when asked about the report of
alleged Chinese theft of vaccine research.
Publicly accusing China of seeking to steal proprietary research related
to COVID-19 vaccines is likely to exacerbate tensions between Beijing
and Washington as the Trump administration continues to pin the blame
for the pandemic on China where it originated, and for failing to act
quickly enough to warn other countries and block the spread of the
The FBI-DHS warning comes on the heels of a joint alert issued last week
by U.S. and British cyber officials. The U.S. Cybersecurity and
Infrastructure Security Agency (CISA) and Britain’s National Cyber
Security Center said they were investigating a number of incidents
involving pharmaceutical companies, medical research organizations and
“Organizations involved in COVID-19-related research are attractive
targets for … [hackers] looking to obtain information for their domestic
research efforts into COVID-19-related medicine,” the agencies said in a
The feverish search for a COVID-19 vaccine is taking place in several
countries around the globe. The World Health Organization (WHO) is
currently tracking eight vaccines in the clinical evaluation phase,
including two in the United States and four in China. That is on top of
at least 100 vaccine candidates in the preclinical evaluation stage
around the world.
For China, the ability to rapidly manufacture a successful vaccine is as
much about gaining a geopolitical edge over the U.S. as promoting public
health, officials say.
“It’s of great importance not just from a commercial value but whatever
countries, company or research lab develops that vaccine first and is
able to produce it is going to have a significant geopolitical success
story,” John Demers, the Justice Department’s top national security
official, said last month.
Given China’s decades-long history of intellectual property theft, the
notion that Beijing might be trying to steal research related to
coronavirus vaccines and treatments is not far-fetched, Demers said.
“It would be beyond absurd to think well, the Chinese, they care about
all this other stuff, but this they’re going to lay off,” Demers said.
Cyberattacks traced to China and other countries picked up pace
following the coronavirus outbreak, with ransomware operations seeing a
A Chinese cyber espionage group known as APT-41 has long-targeted
research universities and is “getting a lot of attention right now
because of COVID-19,” Bradshaw said.
In January, hackers tied to the Chinese government attacked health care
providers and companies in other sectors, according to cybersecurity
firm FireEye. FireEye called it “one of the most widespread campaigns we
have seen from China-nexus espionage actors in recent years.”
China is not the only country involved in cyberattacks during the
pandemic. Google’s Threat Assessment Group has identified more than a
dozen groups of government-backed hackers using COVID-19 themes to gain
access to computer networks.
did not name the countries, but private sector cybersecurity firms have
identified several state actors.
From January to April, Vietnamese hackers launched cyberattacks on
Chinese targets in order to collect intelligence on the coronavirus
crisis, FireEye reported last month.
In April, Iranian hackers reportedly launched an attack on Gilead
Sciences, the maker of remdesivir, the drug recently approved by FDA as
a treatment for COVID-19.
While the attacks have involved a wide range of activities — from
criminals targeting Italian financial institutions to North Korean
hackers targeting organizations in South Korea — vaccine and treatment
research remains a favorite target of state-sponsored actors
“There is nothing more valuable today than biomedical research relating
to vaccines for treatments for the coronavirus,” Demers said.