The El Pais newspaper reported that Chinese hackers have stolen information from Spanish laboratories working on a vaccine for COVID19.
While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, threat actors are conducting cyber espionage campaigns in the attempt of stealing information on the work.
Regarding the specific attacks reported by El Pais, the are no technical details about the alleged intrusion and their extent.
“The cyberattacks were conducted against Spain and several other countries competing to develop a coronavirus vaccine, said Paz Esteban, the head of Spain’s National Intelligence Center (CNI).” reported El Pais.
“The CNI director said that “sensitive sectors such as health and pharmaceutics” had been targeted, and that there has been “a particularly virulent campaign, and not just in Spain, against laboratories working on a vaccine for Covid-19.”
In July, the British National Cyber Security Centre revealed that Russia-linked group APT29 is conducting cyberespionage campaigns targeting UK, US, and Canadian organizations working on the development of a COVID-19 vaccine.
The cyberattack against Spanish research labs came from China, but it is not clear which is the nature of the information stolen.
According to Spain’s secret service chief Paz Esteban, the laboratories were hit by “a particularly virulent campaign,” the hackers hit centers working on the development of vaccine in Spain and abroad.
Speaking at a seminar organized by the Association of European Journalists (AEJ) on Thursday, Esteban explained that the frequency and the level of sophistication increased during the lockdown.
The official warned of a “qualitative and quantitative growth” in the cyberattacks during the coronavirus confinement period, he explained that people working remotely are more exposed to cyber threats
Chinese officials denied any involvement in the attacks explaining that their country is ahead in the research on the COVID19 vaccine.
“China’s research and development on vaccines against Covid-19 is ahead of other countries’. We have no need to steal what others are doing in order to have access to a vaccine,” said Wang Wenbin, the spokesperson for China’s Foreign Ministry.
In July, US DoJ charged two Chinese hackers working with China’s Ministry of State Security with hacking into computer systems of government organizations and companies worldwide.
The hackers targeted companies and organizations from multiple countries including the United States, Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, Spain, South Korea, Sweden, and the United Kingdom.
According to prosecutors, the defendants also probed for vulnerabilities in computer networks of companies developing COVID-19 vaccines and treatments.
“A CSIC spokesperson said that no theft has occurred at its Madrid research centers. Sources at Clinic Hospital in Barcelona said they were not aware of any intrusion into the computers storing the results of an experimental vaccine based on coronavirus genetic material.” concludes the report. “Similar responses were provided by the National Institute of Agricultural and Food Research and Technology (INIA) and by the University of Santiago de Compostela, where a team led by José Manuel Martínez Costas is working on an original angle based on a strategy involving bird virus.”
(SecurityAffairs – hacking, COVID19)