INTELBRIEF

July 24, 2020

IntelBrief: Vaccine Hacking: The Latest Trend in Cyberwarfare and Digital Espionage 

The United States and Canada accused Russia on Thursday July 16, 2020, of trying to steal information from researchers seeking a COVID-19 vaccine. (AP Photo/Ted S. Warren, File)
  • U.S. adversaries have been hacking coronavirus-related vaccine data from American universities, pharmaceutical companies, and healthcare firms in a global competition to develop the first viable COVID-19 vaccine.
  • Given the competition, prestige, and financial incentives related to being the first country to develop a viable vaccine, coupled with deteriorating relations between Washington and Beijing, the prospects for Sino-American cooperation are nil.
  • Russian hackers have been actively targeting COVID-19 vaccine research, driven primarily by Cozy Bear, the Russian hacking collective which maintains close ties to Russia’s elite Foreign Intelligence Service (SVR).
  • Countries like Russia, China, Iran, and North Korea maintain a complicated relationship with a stable of talented hackers and cyber criminals which can be called upon to carry out actions that are difficult to link back to state sponsors.

Hackers from China, Russia, and Iran have been working to steal coronavirus-related vaccine data from U.S. universities, pharmaceutical companies, and healthcare firms in what has become a global race to develop the first viable vaccine for COVID-19. Cyberattacks are nothing new for these countries, which continuously interfere with U.S. public and private sector entities in an effort to sow confusion and pilfer intellectual property. But most experts agree that the increased frequency of attacks has interfered with scientists’ progress on developing a vaccine. Colleges and universities have long been the target of Chinese cyberespionage, especially research laboratories that specialize in subjects like biotech, nanotechnology, and artificial intelligence. For their part, the Iranians have targeted the American company Gilead Sciences Inc., which has produced large quantities of the drug remdesivir, an antiviral drug that has so far proven effective in treating coronavirus.

Several months ago, some of the top health experts in the world expressed optimism that the United States might be able to work with China to develop a vaccine for COVID-19. However, given the competition, prestige, and financial incentives related to being the first country to do so, coupled with deteriorating relations between Washington and Beijing, that prospect now seems entirely moot. Earlier this week, partially in response to China’s continued cyberespionage, the United States forced the Chinese consulate in Houston, TX to close, evicting Chinese diplomats and other personnel. In an indictment, the Department of Justice (DOJ) named two Chinese hackers, Li Xiaoyu and Dong Jiazhi, for their role in COVID-19-related espionage and hacking public health data related to vaccine research on behalf of the Ministry of State Security, China’s spy service. Still, few believe that these moves will have a significant impact on China’s continued hacking and cyberwarfare activities. The Federal Bureau of Investigation (FBI) compared the actions of the Chinese government to those of ‘an organized criminal syndicate.’

Russian hackers have also been actively targeting coronavirus vaccine research according to the United States, Canada, and the United Kingdom. The main culprit is Cozy Bear (also known as APT29), the Russian hacking collective which maintains close ties to Russia’s elite Foreign Intelligence Service (SVR). Two of the primary victims of the Russian hacking attempts were Oxford University in the United Kingdom and AstraZeneca, a British-Swedish pharmaceutical company. Those two entities are among the leading candidates to develop a viable coronavirus vaccine and recently touted significant progress toward achieving that goal by late this year or early 2021. Continued hacking attempts by Russia, China, and others pose significant risks to the data integrity associated with vaccine development.

Countries like Russia, China, Iran, and North Korea maintain a complicated relationship with a stable of talented hackers and cyber criminals which can be called upon to carry out actions that are difficult to link back to state sponsors. In many cases, the hackers themselves are more akin to ‘free agents’ that are offered safe haven and protection by the intelligence services in exchange for deploying their expertise against adversarial targets. Some hackers are motivated by nationalism, some by financial gain, and still others by ego, showing off their skills and capabilities in an effort to gain bragging rights and recognition from other hackers. The National Security Agency (NSA) and United States Cyber Command (USCYBERCOM) have each assumed a more aggressive posture under the Trump administration, but Washington has nonetheless struggled to deter cyberattacks from its chief adversaries. The closer companies get to developing a proven vaccine for the coronavirus, the more likely it is that Russia, China, and other countries will step up their cyberattacks in an effort to steal valuable data, even as the coronavirus death toll, currently at more than 15 million cases worldwide, continues to climb.


For tailored research and analysis, please contact:  info@thesoufancenter.org
