A senior FBI cybersecurity official said on Thursday that foreign government hackers have broken into institutions conducting research into treatments for COVID-19, the sometimes fatal respiratory illness caused by the new coronavirus.
Federal Bureau of Investigation Deputy Assistant Director Tonya Ugoretz told participants in an online panel discussion hosted by the Aspen Institute that the bureau had seen state-backed hackers poking around the U.S. healthcare sector as well.
“We certainly have seen reconnaissance activity, and some intrusions, into some of those institutions, especially those that have publicly identified themselves as working on COVID-related research,” she said.
Ugoretz did not name specific countries and she did not identify any targeted companies or institutions.
Ugoretz said it made sense for organizations working on promising treatments or a potential vaccine to tout their work publicly. However, she said, “The sad flipside is that it kind of makes them a mark for other nation-states that are interested in gleaning details about what exactly they’re doing and maybe even stealing proprietary information that those institutions have.”
Ugoretz said that state-backed hackers had often targeted the biopharmaceutical industry but said “it’s certainly heightened during this crisis.”
The FBI and the Office of the Director of National Intelligence did not immediately return emails seeking comment. The Florida-based Health Information Sharing and Analysis Center, which helps coordinate cybersecurity across the health sector, did not immediately return a message seeking comment.
The potential for hackers to target research and healthcare institutions related to coronavirus treatments and vaccines has been on U.S. cybersecurity officials’ radar since the start of the outbreak, which began in China late last year.
Last month, Reuters identified two independent attempts by different state-backed hacking groups to penetrate the World Health Organization, which is helping to organize the global response to the epidemic.
Czech Republic warn of hospital cyberattacks
The Czech Republic also warned international allies on Thursday of an imminent wave of disruptive cyberattacks against the country’s hospitals and other parts of its critical infrastructure.
The country’s NUKIB cybersecurity watchdog said the attacks, designed to damage or destroy victims’ computers, were expected in coming days. Two officials with knowledge of the matter said they could begin as soon as Friday.
“The information we have available has led us to a reasonable fear of a real threat of serious cyberattacks on major targets in the Czech Republic, especially on healthcare systems,” said NUKIB Director Karel Rehka.
The warning comes as hackers ranging from cyber criminals to government-backed spies are targeting businesses, governments and healthcare organizations with attempts to steal sensitive information about the new coronavirus outbreak.
A Czech official, speaking on condition of anonymity due to the sensitivity of the matter, said it was not clear who was responsible for the activity identified by NUKIB but it was thought to be the work of a “serious and advanced adversary.”
With files from Reuters’ Jason Hovet, Christopher Bing and Jack StubbsView link »