Cybersecurity News

Sens. Ask FBI, CISA How to Protect COVID-19 Medical Research Data

Four Senators ask the FBI and DHS CISA whether more resources are needed to protect COVID-19 medical research data, as Chinese hackers continue to target the intellectual property.

COVID-19 medical research data Coronavirus nation-state hacking attempts People's Republic of China, endpoint protection risk management hacking attempts

By Jessica Davis

- The FBI and the Department of Homeland Security Cybersecurity and Infrastructure Agency are being asked how they’re defending against attempts to hack COVID-19-related research data, following reports that hackers tied to the People’s Republic of China are targeting the intellectual property.

On May 13, the FBI and CISA released an alert to COVID-19 research organizations, warning that threat actors are targeting these entities, and it’s likely many have been compromised. In the past, CISA has accused China of similar attacks on supply chain relationships, as well as targeted attempts to gain access to medical research for blackmail purposes.

The FBI is currently investigating the latest round of attacks on COVID-19 research firms, as hackers move to identify and steal valuable intellectual property and public health data, from potential vaccine information to testing from the networks and workforce of COVID-19 researchers.

The agencies stressed that healthcare organizations must be on heightened alert as they are prime targets for these targeted attacks.

Sens. Richard Blumenthal, D-Connecticut, Thom Tillis, R-North Carolina, Ben Sasse, R-Nebraska, and John Cornyn, R-Texas expressed appreciation for the public notification regarding these “alarming” attacks and are seeking insights into how the agencies are supporting the protection of this data, as well as what resources are needed for that defense.

“Any action that affects the development of treatment options-including attempted theft of American intellectual property-is a threat to our health, economic recovery, and national security,” the Senators wrote.

“It is absolutely unacceptable for Chinese government affiliated hackers to attempt to steal or disrupt important research from companies and institutions who are developing essential diagnostics, cures, and treatments,” they added.

The FBI and CISA are being asked to detail what statutory tools or authorities are needed to effectively combat state-sponsored hacking attempts, along with any needed financial appropriations or resources to prevent and investigate further cyberattacks and possible data theft.

Lastly, the Senators ask for the steps the agencies are taking to further notify these research institutions and companies about the cyber threats tied to Chinese hackers, as well as steps they’re taking to support cybersecurity efforts at these organizations to prevent future intrusions.

The Senators further urged these organizations to review resources provided by these agencies to bolster their defense and report suspected incidents to their local FBI field office. The Healthcare and Public Health Sector Coordinating Council (HSCC) also recently released insights on ways these organizations can protect healthcare trade secrets and medical research.

“We are confident that the FBI, CISA, and other involved federal agencies are working tirelessly to prevent attacks such as this,” the Senators wrote. “We are grateful to the dedicated agents and staff who are part of this effort, and we wish to support you in every possible way in these efforts.”

Nation-state actors have continued to target the US healthcare system in recent years. In November, the Department of Justice indicted two SamSam hackers tied to Iran, who were allegedly behind cyberattacks on a host of high-profile organizations like LabCorp and Allscripts.

Just last year, CISA warned hackers tied to Iran were targeting US organizations with wiper malware.