Secretary of State Mike Pompeo on Thursday denounced Chinese hacking of American vaccine research and demanded Beijing halt the cyber theft activity.
“The United States condemns attempts by cyber actors and non-traditional collectors affiliated with the People’s Republic of China (PRC) to steal U.S. intellectual property and data related to COVID-19 research,” Mr. Pompeo said in a statement.
“The United States calls on the PRC to cease this malicious activity,” the secretary of state said.
Mr. Pompeo said Chinese cyber theft activities are “an extension of its counterproductive actions throughout the COVID-19 pandemic.”
“While the United States and our allies and partners are coordinating a collective, transparent response to save lives, the PRC continues to silence scientists, journalists, and citizens, and to spread disinformation, which has exacerbated the dangers of this health crisis,” he said.
Mr. Pompeo’s comments came in the wake of a notice published Wednesday by the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warning about Chinese hacking of Covid-19 research.
The agencies said investigators had uncovered cyber activities “likely targeting and attempted network compromise by the People’s Republic of China (PRC).”
“Healthcare, pharmaceutical, and research sectors working on the Covid-19 response should all be aware they are the prime targets of this activity and take the necessary steps to protect their systems,” the notice said.
It was a rare public identification of Chinese cyber attacks that have been carried out on a large scale over the past decade and included the theft of both public and private sector information.
“China’s efforts to target these sectors pose a significant threat to our nation’s response to Covid-19,” the FBI notice said.
It also stated that Chinese government hackers “are actively exploiting trust relationships between information technology (IT) service providers—such as managed service providers and cloud service providers—and their customers.”
The notice did not specify which companies and institutions were targeted but said all those affected had been warned to take defensive electronic measures.
It did, however, reference a 2017 warning about Chinese Ministry of State Security hackers who compromised information technology service providers’ systems.
That attack involved Chinese penetration using several types of malicious software in the information technology, energy, healthcare and public health, communications, and critical manufacturing sectors.
The hackers obtained stolen administrative log in credentials.
CISA official Rex Booth has said China conducts intelligence gathering and information collection in many ways but is “most prolific in cyber espionage.”
“They have a long track record of state-sponsored theft of intellectual property and sensitive information,” Mr. Booth said during a webinar last year.
He also said China’s main cyber attack units are run by the MSS, the People’s Liberation Army and a third group of contractors working under the MSS.
– END –
