China Targets Western COVID Research

Xi Jinping, General Secretary of the Communist Party of China, President of the People’s Republic of China, and Chairman of the Central Military Commission.
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning about China’s threat to COVID-19-related research.
The FBI is investigating the targeting and compromise of U.S. organizations conducting COVID-19-related research by China’s spies. Beijing’s agents are attempting to obtain valuable intellectual property and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research. According to the Bureau, “The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options.”
Both agencies have cautioned all organizations conducting research in these areas to maintain dedicated cybersecurity and insider threat practices to deter the PRC’s cyberspies.
They have outlined how weakness in security may occur, and what to do about the challenge. Press attention affiliating an organization with COVID-19-related research leads to increased interest and subsequent cyber activity. To deter the illicit activity, the two counter-intelligence groups urge researchers to strengthen all systems for critical vulnerabilities. Web applications should be scanned for unauthorized access, modification, or anomalous activities. Credential requirements should be upgraded against possible intrusion. When suspicious activity is spotted, the questionable users should be blocked and suspended. And of course, report dangerous activity to the FBI.
A joint U.S.-U.K. international effort to deter Chinese COVID-19 espionage is also raising an alarm. The United States Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) warn that there are “indications that advanced persistent threat groups are exploiting the Coronavirus Disease 2019 (COVID-19) pandemic as part of their cyber operations.”
According to officials of the two nations, Anglo-American healthcare bodies, pharmaceutical companies, academia, medical research organizations, and local governments are specifically targeted. The cyberspies collect bulk personal information, intellectual property, sensitive information and related intelligence.
There have been a number of suspected incidents.
These organizations’ global reach and international supply chains increase exposure to malicious cyber actors. Beijing’s agents are exploiting weaknesses in supply chains, a noted security weak link, to achieve their goals. That weakness has grown worse as the pandemic has resulted in the shift to remote working, which has considerably increased vulnerability.
Recently cyberspies have scanned the external websites of targeted companies, looking for vulnerabilities in unpatched software. Known targets include Citrix vulnerability CVE-2019-19781, vulnerabilities in virtual private networks.
International investigators are reviewing large-scale password spraying campaigns conducted by malicious foreign actors.
China’s internet infiltrators are using this type of attack to target healthcare entities in a number of countries—including the United Kingdom and the United States—as well as international healthcare organizations. In the past, they have used password spraying to target a range of organizations and companies across sectors—including government, emergency services, law enforcement, academia and research organizations, financial institutions, and telecommunications and retail companies.
Password spraying is a commonly used style of brute force attack in which the attacker tries a single and commonly used password against many accounts before moving on to try a second password, and so on. This technique allows the attacker to remain undetected by avoiding rapid or frequent account lockouts. These attacks are successful because, for any given large set of users, there will likely be some with common passwords.
Once the malicious cyber actor compromises a single account, they will use it to access other accounts where the credentials are reused. Additionally, the actor could attempt to move laterally across the network to steal additional data and implement further attacks against other accounts within the network.
Frank Vernuccio serves as editor-in-chief of the New York Analysis of Policy and Government.
Frank Vernuccio serves as editor-in-chief of the New York Analysis of Policy & Government (website usagovpolicy.com). He is the co-host of the syndicated radio program, Vernuccio/Novak Report, and is also a contributor to Fox News. His columns appear in many newspapers. After graduating Hofstra Law School, he was a legislative editor for a major publishing company, then served in both Republican and Democrat Administrations. Following the 9/11 attack, he was appointed to run the hard-hit Manhattan branch of the New York State Workers Compensation Board.
Trending Now on Affluent Christian Investor
Sorry. No data so far.
The Affluent Mix
Biden Oblivious To Illegal Immigration Issues... August 2, 2021 | Frank Vernuccio

Rob Arnott On Bubbles, Inflation, And Once-In-A-Generation Investment Opportunit... August 2, 2021 | Jerry Bowyer

The Federal Reserve’s Massive Theft Of Stability... August 2, 2021 | Jim Huntzinger

What To Do About This Difficult Market? August 2, 2021 | David Bahnsen

Letter On The Politicization Of Corporations... July 26, 2021 | Jerry Bowyer

Peak Of The Fake Bull Market July 26, 2021 | Michael Pento

Woodrow Wilson’s Administrative State vs. Gold... July 26, 2021 | Jim Huntzinger

Dividends, Energy, And Crypto July 26, 2021 | David Bahnsen

Whose Side Are You On? July 26, 2021 | Frank Vernuccio

Media, Left Ignore These Dangers July 19, 2021 | Frank Vernuccio

Mark Skousen On FreedomFest And How To Measure The Whole Economy... July 19, 2021 | Jerry Bowyer

Quantifying The Quantitative, Or Making Easy The Easing... July 19, 2021 | David Bahnsen

The Gold Standard Means A Rising Standard Of Living... July 19, 2021 | Jim Huntzinger

Book Review: Brian Domitrovic Reveals The Monetary Genius Of Arthur Laffer... July 19, 2021 | John Tamny

Steve Forbes: Time To Worry About Inflation, Not Hyperinflation... July 12, 2021 | Jerry Bowyer

UFOs Rescue Biden July 12, 2021 | Frank Vernuccio

Read This Classical Economist’s 200 Year Old Warning About Paper Money... July 12, 2021 | Jim Huntzinger

How Central Banks Murdered The Markets July 12, 2021 | Michael Pento

Everything There Is To Know About The Stock Market... July 12, 2021 | David Bahnsen

AT&T CEO: We’re Ill Equipped For Politics, And We’re Spending A Lot Of ... July 6, 2021 | Jerry Bowyer

Internet Bias Distorts National Conversation... July 6, 2021 | Frank Vernuccio

The Halfway Point Of 2021 July 6, 2021 | David Bahnsen

Join the conversation!
We have no tolerance for comments containing violence, racism, vulgarity, profanity, all caps, or discourteous behavior. Thank you for partnering with us to maintain a courteous and useful public environment where we can engage in reasonable discourse.