As coronavirus-related tensions are mounting on countries across the world, the US has now said on May 13 that China-affiliated hackers are breaching research of COVID-19 disease by American organisations. The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) issued the statement based on their findings in a bid to raise awareness against the threat of findings by US firms on coronavirus outbreak. The US-China row has intensified over the global health crisis, from accusations of mishandling to covering-up data, the two superpowers have given a political spin to the pandemic.
According to the official statement, the People’s Republic of China-linked cyber actors and non-traditional collectors have been observed to “illicitly obtain valuable intellectual property and public health data” related to cures, vaccines, testing networks. Since according to US Security agency the “potential theft” of crucial COVID-19 research hinders the delivery of secure and efficient treatment options, it has also listed down five recommendations for country’s organisations working on the same cause.
The #FBI and @CISAgov have observed PRC-affiliated actors attempting to obtain public health research related to #COVID19 treatments. The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options. https://t.co/rDphcshGHk— FBI (@FBI) May 13, 2020
In a separate public service announcement, FBI and CISA also warned all organizations that have started researching the highly contagious disease of likely being compromised by China. Urging the US firms to take “necessary steps to protect their systems, the government has said that the organisations should be aware they are the “prime targets” of the China-linked activity. It even called the entire incident a “significant threat”.
The statement said, “China’s efforts to target these sectors pose a significant threat to our nation’s response to COVID-19. This announcement is intended to raise awareness for research institutions and the American public and provide resources and guidance for those who may be targeted.”
FBI has advised US organisations to “Assume that press attention affiliating your organization with COVID-19-related research will lead to increased interest and cyber activity, patch all systems for critical vulnerabilities, prioritizing timely patching for known vulnerabilities of internet-connected servers and software processing internet data, actively scan web applications for unauthorized access, modification, or anomalous activities, improve credential requirements and require multi-factor authentication, identify and suspend access of users exhibiting unusual activity."