HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Chinese Hacking Groups are Targeting COVID-19 Research Organizations

Organizations involved in research into SARS-CoV-2 and COVID-19 have been warned that they are being targeted by hackers affiliated with the People’s Republic of China (PRC) and should take steps to protect their systems from attack.

The Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security and the Federal Bureau of Investigation (FBI) have warned that organizations in the health care, pharmaceutical, and research sectors that are working on testing procedures, SARS-CoV-2 vaccines, and new treatments for COVID-19 are being targeted by hackers looking to gain access to research data to advance PRC’s research program. The Trump Administration has also warned that cyber espionage campaigns targeting COVID-19 research organizations are now being conducted by hackers linked to Iran.

In the alert, CISA and the FBI warn that the theft of intellectual property in these attacks jeopardizes the delivery of secure, effective, and efficient treatment options. All organizations involved in COVID-19 research have been advised to apply the recommended mitigations as soon as possible to prevent surreptitious review and theft of COVID-19 related data.

CISA warns that press attention affiliating an organization with COVID-19 research is likely to result in increased interest and cyber activity and it is best to assume that targeted cyber attacks will occur. Patching efforts should be stepped up and critical vulnerabilities should be addressed on all systems. If patches cannot be applied to address vulnerabilities, mitigations should be implemented until the patches can be applied. Priority should be given to vulnerabilities known to have been exploited by these threat actors and vulnerabilities on internet-connected servers and software processing internet data.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Scans should be conducted on all web applications to identify anomalous activity that could indicate unauthorized access and checks conducted to identify any modifications that have been made to the applications.  Authentication measures should be strengthened, and multi-factor authentication should be implemented.

Scans should be performed to identify unusual user activity. When anomalous behavior is detected, access should be immediately suspended pending further investigation. When suspicious or criminal activity is detected, the local FBI field office should be alerted. CISA and the FBI will be releasing technical information about threats and cyberattacks in the coming days.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.