HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Senators Seek Answers from CISA and FBI About Threat to COVID-19 Research Data

Four Senators have written to the DHS Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) in response to the recent alert warning COVID-19 research organizations that hackers with links to China are conducting attacks to gain access to COVID-19 vaccine and research data.

On May 13, 2020, CISA and the FBI issued a joint alert warning organizations in the healthcare, pharmaceutical, and research sectors that they are prime targets for hackers. Hacking groups linked to the People’s Republic of China have been attempting to infiltrate the networks of U.S. companies to gain access to intellectual property, public health data, and information related to COVID-19 testing, potential vaccines, and treatment information.

“China’s efforts to target these sectors pose a significant threat to our nation’s response to COVID-19,” warned CISA and the FBI. “The potential theft of this information jeopardizes the delivery of secure, effective, and efficient treatment options.”

In the letter, Thom Tills (R-NC), Richard Blumenthal (D-CT), John Cornyn (R-TX), and Ben Sasse (R-NE) praised the efforts of both agencies to raise awareness of the threat and investigate attacks. “It is absolutely unacceptable for Chinese government affiliated hackers to attempt to steal or disrupt important research from companies and institutions who are developing essential diagnostics, cures, and treatments,” wrote the Senators.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

The Senators reiterated the advice offered by both agencies and have urged all U.S. companies and academic institutions involved in the COVID-19 response to take full advantage of the resources suggested by the agencies to improve their cybersecurity defenses and to also ensure than any attempted attacks are reported to the FBI immediately.

The Senators explained that they stand ready and willing to assist both agencies in their efforts to deal with the threat and prevent the theft of intellectual property from U.S. firms, and have asked how they can best support both agencies.

The Senators have asked what additional statutory tools or authorities the agencies need to combat the state-sponsored hacking of U.S. companies more effectively, and what additional financial resources and appropriations are required to allow the agencies to investigate further attempts by state-sponsored hackers to obtain sensitive research data.

The Senators have also requested information on the steps both agencies are taking to inform U.S. companies and research organizations about the threat of attack, and how the agencies are helping companies and research institutions to improve their cybersecurity defenses and prevent further intrusions and data theft.

The Senators have requested answers to the questions in a classified briefing with their staff no later than June 20, 2020.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.