The administration of Trump is accusing China of trying to steal the coronavirus research of the United States researchers. According to the officials, they are facing a mounting wave of cyber-attacks on United States medical institutions and government agencies leading the COVID-19 response by criminal groups and nation-states.
Health care providers, hospitals, pharmaceutical companies, and research laborites all these hits by cyber-attacks, official say. The Department of Health & Human Services (HHS), which manages the Centers for Disease Control & Prevention (CDC), also faced a surge of strikes on a daily basis, according to an official aware of the attacks said.
Another official familiar with the cyber-attacks says that there are only two world places that may hit the Department of Health & Human Services. The official continues, the main offenders for the attacks on HHS are China and Russia because of the scope and size of the attacks. After some hesitance to relate the extensive attacks across the medical department to any particular country – whether politically or lack of foregone conclusion, the top U.S. security officials decided to choose China.
The United States Department of Justice now says they are mainly anxious about the cyber-attacks by the hackers from China targeting American labs and hospitals to steal COVID-19 research. The leader of the Justice Department’s National Security Division, John Demers, said that they agreed to increase cyber interruptions into medical centers, universities, research centers as well as anybody doing coronavirus related research.
He adds that nowadays, there is not any other is more valuable than biomedical research about vaccines for treatments for the COVID-19. It is of enormous importance not just from a commercial value, but whatever research lab, company, or countries develops the coronavirus vaccine first.
Calling out China for attacks
Chinese cyber-surveillance against the United States raised during the last few months since the virus outbreak. In March, top cybersecurity company FireEye reported that APT41, the Chinese group initiated one of the biggest campaigns by Chinese cyber spying actors they observed in recent years. Mike Pompeo, the U.S. Secretary of State, already attacking Chinese hackers and government over the epidemic. Pompeo says that the primary threat is not the ability of the U.S. to work with the Chinese government on cyber, surely his country has the available resources to save themselves from Chinese espionage.
CNN requested the embassy of China in Washington to comment on the allegations from the U.S. officials. The hacker’s uptick in activity targeting the medical sector and HHS is part of a more extensive cyber campaign under groups relates to many other countries along with China, including Iran, North Korea, and Russia. The four make up a foursome regularly accused by the American national security community as the active players against the U.S.
During the COVID-19 pandemic crisis, attacks from criminal groups and nation-states have come in a crowd forms with several different intentions: posing as the United States authority or agency with phishing methods to steal sensitive information, ransomware attacks, renunciation of service and disinformation, among others on the internet and darknet.
A senior official of Trump administration told CNN that the novel coronavirus epidemic provided an exceptional opening to evil actors as well as cybercriminals. However, under attack itself, Health and Human Services, along with cyber arm of CISA, the Homeland Security Department worked to set up the defenses of those epidemic-related organizations, according to the official.
Hackers are trying to steal everything
However, instead of an overwhelming approach that these cyber-attacks are taking place at a progressively high speed and near worldwide pact over the primary state actors, U.S. officials are cautious about assigning blame for specific actions. A rising new wave of surveillance threats is the Cyber Threat Intelligence League, a worldwide group of over fourteen hundred assessed cybersecurity experts that volunteered and grouped together to identify and take down risks in case they emerge.
The Cyber Threat Intelligence League, which is working with the United States authorities and put out its initial report this week, says that the four countries traditionally target America are now concentrating on and taking advantage of the fatal pandemic. Ohad Zaidenberg, one of the co-founders of the group based in Israel, expresses that they are attempting to steal everything. Countries such as Iran and China can steal important information about the COVID-19 research that they do not have. If they believe someone is making a vaccine to treat the pandemic and they can steal the information about it. Or they can use the outbreak as support so they can steal any other data.
According to the latest report published on Wednesday, Threat Analysis Group (TAG) of Google specifically recognized over many government-funded attacker groups that used coronavirus themes as tempt for phishing emails along with malware attempts. The report said, one prominent campaign tried to target private accounts of employees of the United States government with phishing traps using U.S. fast-food franchise and coronavirus related messaging. The report said some of those messages offered free meals and coupons in response to the pandemic, and others suggested receivers visit websites camouflaged as online ordering and delivery options.
Cyber-attacks also targeted the World Health Organization
Google report also mentioned new activity that documents reporting from Reuters previous month about Iranian-funded hackers trying to break into WHO. WHO said on Thursday that it saw a dramatic upsurge in the cyber-attacks numbers focused at its staff, as well as scams in email targeting the public at large since the pandemic started. This week, around four-hundred and fifty active email addresses and passwords of WHO leaked online.
Along with this, thousands of others belonging to others working on COVID-19 response, the organization said in a press release. The online leak credentials of the workers don’t put the systems of WHO at risk because the information was not recent. Though, the activity might influence the previous extranet system used by present and retired employees as well as allies.
Congressional Representatives demand more action
Since the start of COVID-19 outbreak in the United States, Cyber Command and the National Security Agency (NSA) started violent cyber action in an effort to counter an extensive range of external attacks, including falsehood, the source said. It is unclear the exact nature of the agency’s response, but the work nature of them remains highly confidential.
Several officials told CNN that these cyber agencies continue to pose a defend forward posture, which includes aggressive operations proposed to discourage foreign actors associated with nation-state rivals. General Paul Nakasone is leading the U.S. National Security Agency and Cyber Command agencies. Now the higher authorities gave him the additional power to carry out these types of actions without taking the approval from White House in recent years, especially after the Russian threat against the U.S. 2020 elections became clear.