US security agencies are preparing to issue a warning that China’s most skilled hackers and spies are working to steal American research in the crash effort to develop vaccines and treatments for the coronavirus.
The efforts are part of a surge in cyber theft and attacks by nations seeking advantage in the pandemic.
The warning from the FBI and Department of Homeland Security comes as Israeli officials accuse Iran of mounting an effort in late April to cripple water supplies as Israelis were confined to their houses, though the government has offered no evidence to back its claim. More than a dozen countries have redeployed military and intelligence hackers to glean whatever they can about the virus responses of other nations.
Even US allies like South Korea and nations that do not typically stand out for their cyber abilities, like Vietnam; have suddenly redirected their state-run hackers to focus on virus-related information, according to private security firms.
A draft of the forthcoming public warning, which officials say is likely to be issued in the days to come, says China is seeking “valuable intellectual property and public health data through illicit means related to vaccines, treatments and testing”. It focuses on cyber theft and action by “nontraditional actors”, a euphemism for researchers and students the Trump administration says are being activated to steal data from inside academic and private laboratories.
The decision to issue a specific accusation against China’s state-run hacking teams, current and former officials said, is part of a broader deterrent strategy that also involves US Cyber Command and the National Security Agency. Under legal authorities that Donald Trump issued nearly two years ago, they have the power to bore deeply into Chinese and other networks to mount proportional counterattacks. This would be similar to their effort 18 months ago to strike at Russian intelligence groups seeking to interfere in the 2018 midterm elections and to put malware in the Russian power grid as a warning to Moscow for its attacks on US utilities.
But it is unclear exactly what the US has done, if anything, to fire a similar shot at the Chinese hacking groups, including those most closely tied to China’s new Strategic Support Force, its equivalent of Cyber Command, the Ministry of State Security and other intelligence units.