The US government on May 13 issued an official warning that hackers linked to the Chinese government are trying to steal COVID-19 research data from American organizations.
The warning came in a joint statement issued by the FBI and the Cybersecurity and Infrastructure Security Agency, a division of the Department of Homeland Security.
"The FBI is investigating the targeting and compromise of U.S. organizations conducting COVID-19-related research by PRC-affiliated cyber actors and non-traditional collectors. These actors have been observed attempting to identify and illicitly obtain valuable intellectual property (IP) and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research," the statement said.
"The FBI and CISA urge all organizations conducting research in these areas to maintain dedicated cybersecurity and insider threat practices to prevent surreptitious review or theft of COVID-19-related material."
The organizations were recommended to identify and suspend access of users exhibiting unusual activity; require multi-factor authentication and improve credential requirements; assume that press attention regarding COVID-19-related research will lead to increased interest and cyber activity; scan web applications for anomalous activities, modification, or unauthorized access; and patch critical vulnerabilities in all systems, prioritizing timely patching of known vulnerabilities of connected servers and software processing internet data.