Pompeo Condemns China's Attempts to Steal Coronavirus Research Data

Mike Pompeo
U.S. Secretary of State Mike Pompeo pauses while speaking at a news conference at the State Department on April 29, 2020, in Washington, DC. On Thursday, Pompeo condemned attempts by Chinese actors to steal coronavirus research ANDREW HARNIK/POOL/AFP/Getty

The U.S. State Department released a statement Thursday denouncing attempts to infiltrate systems involved in U.S. COVID-19 research that the Federal Bureau of Investigation has attributed to China.

"The United States condemns attempts by cyber actors and non-traditional collectors affiliated with the People's Republic of China (PRC) to steal U.S. intellectual property and data related to COVID-19 research," Secretary of State Mike Pompeo said in a statement.

Pompeo's remarks follow an announcement by the FBI on Wednesday that the bureau is investigating "the targeting and compromise" of organizations conducting research to develop vaccines and other treatments for COVID-19. The efforts were attributed to China-affiliated actors.

A spokesperson for the Chinese Embassy did not return a request for comment.

According to the FBI, digital intruders are seeking to pilfer valuable intellectual property related to this research, jeopardizing "the delivery of secure, effective, and efficient treatment options."

The Cybersecurity and Infrastructure Security Agency (CISA), which jointly issued the notice with the FBI, has previously said that overall levels of cybercrime are not increasing, but emphasized that hackers are increasingly using coronavirus-themed overtures to gain unauthorized access.

This is not the first time China has been tied to efforts to steal valuable medical information. The cybersecurity firm FireEye has documented a "concerted focus" by Chinese state-supported actors to access cancer-related research.

In an August 2019 report, FireEye outlined what it says were several attempts by Chinese hackers to steal such information, noting that the country may be motivated by the fact that cancer is its leading cause of death.

FireEye said that a U.S.-based health center focused on cancer research was targeted with malware known as EVILNUGGET earlier that spring, the latest in what the report described as a years-long string of efforts to access valuable medical information.

"The PRC's behavior in cyberspace is an extension of its counterproductive actions throughout the COVID-19 pandemic," Pompeo's statement on Thursday continued. "While the United States and our allies and partners are coordinating a collective, transparent response to save lives, the PRC continues to silence scientists, journalists, and citizens, and to spread disinformation, which has exacerbated the dangers of this health crisis."

The Trump administration has also worked with the United Kingdom to identify a similar threat against COVID-19-response organizations abroad. The two countries are investigating "a number of incidents" in which actors have targeted pharmaceutical companies, research organizations and educational institutions.

The FBI said that technical details relating to the COVID-19 hacks will be made available "in the coming days." The bureau is requesting that organizations involved in pandemic research or preparedness work to patch digital vulnerabilities and regularly monitor systems for unauthorized access.

These organizations should also be adopting "dedicated cybersecurity and insider threat practices," the FBI said.