The US Department of Homeland Security and the FBI released a “public service announcement” this morning warning that China is likely targeting the US response to the Covid-19 crisis, calling it a “significant threat.”
The joint warning from the FBI and DHS’s cyber arm, CISA, noted that “Healthcare, pharmaceutical and research sectors working on Covid-19 response should all be aware they are the prime targets of this activity and take the necessary steps to protect their systems.”
The agencies outlined recommendations for research organizations:
- Assume that press attention affiliating your organization with Covid-19-related research will lead to increased interest and cyber activity
- Patch all systems for critical vulnerabilities, prioritizing timely patching for known vulnerabilities of internet-connected servers and software processing internet data
- Actively scan web applications for unauthorized access, modification, or anomalous activities
- Improve credential requirements and require multi-factor authentication
- Identify and suspend access of users exhibiting unusual activity
The notification elevates the accusation by the US government that China is taking advantage of the pandemic to carry out significant cyber espionage on critical institutions fighting the virus.
Some context: CNN has previously reported that the administration has pointed the finger at China for attempting to steal coronavirus research as officials are warning they have seen a growing wave of cyberattacks on US government agencies and medical institutions leading the pandemic response by nation states and criminal groups.