FBI Says Foreign States Hacked Into U.S. COVID-19 Research Centers: Report
While most of the COVID-19 threat warnings emerging from the Federal Bureau of Investigations have been regarding scams and fraud, now something a lot more sinister and disturbing has emerged. It has been reported that the FBI has seen evidence of foreign state-sponsored hackers breaking into U.S. COVID-19 research institutions.
FBI confirms “reconnaissance activity and some intrusions” into COVID-19 research centers
The FBI has been urging everyone from kids at home from school to the public at large to be vigilant during the ongoing COVID-19 pandemic. This is in light of hackers and scammers looking to exploit our fear, uncertainty, and doubt regarding the current health crisis and the FBI has warned of a significant spike in such scams.
Now it would appear that the threat stakes have been raised. According to a Reuters report, FBI deputy assistant director, Tonya Ugoretz, has confirmed the Bureau has "seen reconnaissance activity, and some intrusions," into companies and institutions actively researching COVD-19 treatments.
Speaking during an online discussion on April 16, hosted by international think tank the Aspen Institute, Ugoretz warned that organizations that have announced their research efforts publicly "make them a mark for other nation-states that are interested in gleaning details about what exactly they’re doing and maybe even stealing proprietary information that those institutions have."
Taking state-sponsored hacking to a new low
Cyber-criminals, such as the Maze ransomware group, have already made a play for medical facilities associated with COVID-19 vaccine research, such as an attack against Hammersmith Medicines Research in London on March 14. And only this week I reported how security researchers were cautioning hospitals on the frontline of the pandemic fight regarding a new "double extortion" threat from ransomware attackers.
But the kind of threat that the FBI is talking about is at a different level altogether. State-sponsored hackers, which are usually referred to as advanced persistent threat (APT) actors, are known for both their sophisticated attack methodologies and a penchant for cyber-espionage. As the pandemic unfolded across the United States, we have already seen such elite hackers targeting the World Health Organization although without success. Now, as Ugoretz has confirmed, that appears to have changed.
Countries behind the attacks have not been identified publicly
On April 16, coincidentally, the U.S. Departments of State, the Treasury, Homeland Security, and the FBI had published an advisory regarding cyber-threats originating from the Democratic People’s Republic of Korea (DPRK) and announced a $5 million (£4 million) reward for information leading to the identification of the state-sponsored hackers involved.
Speaking at the time, Mark Sangster, vice-president and industry security strategist at eSentire Inc, suggested that the timing of the advisory suggested it could be "in response to something that the intelligence community has identified but cannot release in detail without exposing sources." The FBI deputy assistant director did not identify the facilities that had been hacked, nor specify which countries were thought to be behind the ongoing attacks.
The difficulty in attributing such attacks
Ian Thornton-Trump, CISO at cybersecurity intelligence specialists Cyjax, told me that with any vaccine likely to have a monetary value in the billions of dollars, the search for a COVID-19 cure had become a "high stakes horse race between private industry and state-sponsored efforts with the largest prize cash ever known. There are some nation-states that are very adept at stealing intellectual property, and vaccine research is the hottest property this year." When it comes to naming names, Thornton-Trump admits that "the attribution pendulum is blown by political and partisan opportunism," which makes it hard to be accurate. However, he says, "if I were China, given current U.S. sentiment, then using North Korean sub-contractors to conduct espionage for the grand prize would be a good move."
Neither the FBI nor the Office of the Director of National Intelligence has yet provided any further comment on the matter.
Photo: U.S. COVID-19 research facilities have been targeted by nation-state hackers, FBI saysGETTY