WASHINGTON – Chinese intelligence hackers wanted to steal coronavirus vaccine data and were looking for what they thought was an easy target. Instead of just looking for drug companies, they conducted digital education at the University of North Carolina and other schools that do cutting-edge research.
They weren’t the only spies at work. Russia’s premier intelligence agency, the S.V.R., targeted vaccine research networks in the US, Canada and the UK, espionage operations first discovered by a UK spy agency monitoring international fiber optic cables.
Iran has also drastically stepped up its attempts to steal information about vaccine research, and the United States has stepped up its own efforts to track down its opponents’ espionage and strengthen its defenses.
In short, every major spy agency around the world is trying to find out what everyone else is up to.
The coronavirus pandemic has recently resulted in one of the fastest peacetime mission shifts for the world’s intelligence services, pitting them against each other in a great new game of spy and spy. This emerges from interviews with current and former intelligence officials and others who are tracking the espionage efforts.
Almost all adversaries of the United States have stepped up their attempts to steal American research, while Washington, for its part, has sought to protect the universities and corporations that do the most advanced work. NATO intelligence, normally involved in the movement of Russian tanks and terrorist cells, has expanded to investigate the Kremlin’s efforts to steal vaccine research as well, according to a Western official briefed on the intelligence.
The competition is reminiscent of the space race, where the Soviet Union and America relied on their espionage services to catch up when the other was likely to hit a milestone. Where the Cold War competition to reach Earth orbit and the moon played out for decades, the schedule for backing up data on coronavirus treatments is heavily compressed due to the need for a vaccine becomes more urgent every day.
“It would be surprising if they didn’t try to steal the most valuable biomedical research currently going on,” said John C. Demers, a senior Justice Department official. said of China last month during an event organized by the Center for Strategic and International Studies. “Financially valuable and invaluable from a geopolitical perspective.”
China’s advance is complex. The staff have also secretly used information from the World Health Organization to guide their vaccine hacking attempts in both the US and Europe, according to a current and former official familiar with the secret service.
It was not clear how exactly China’s influential position in the W.H.O. Gather information about vaccination work around the world. The organization gathers data on vaccines under development, and while much of it will eventually be made public, Chinese hackers could have benefited from getting information early on about the research efforts of the W.H.O. Viewed as promising, according to a former intelligence officer.
American intelligence officials learned of China’s efforts in early February when the virus took hold in the United States, current and former American officials said. The C.I.A. and other agencies are closely monitoring China’s moves within international agencies, including the W.H.O.
The intelligence service’s conclusion helped move the White House forward the hard line it took in May on the W.H.O., according to the former secret service employee.
In addition to the University of North Carolina, Chinese hackers have attacked other universities across the country and some may have breached their networks, American officials said. Mr. Demers said in his speech that China has carried out “multiple interventions” beyond what the Justice Department revealed in an indictment in July, in which two hackers were accused of working on behalf of the Chinese Ministry of State Security’s espionage service to track vaccine information and research by American biotechnology companies.
The F.B.I. warned officials at U.N.C. in the last few weeks about the hacking attempts according to information from two people familiar with the matter. The Chinese hacking teams attempted to break into the computer networks of the school’s epidemiology department, but did not infiltrate them.
A U.N.C. Spokeswoman Leslie Minton said the school “receives regular threat alerts from US security agencies.” She raised additional questions to the federal government but said the school invested in 24/7 surveillance to “protect against advanced persistent threat attacks by government sponsored organizations”.
Aside from hacking, China has pushed universities in other ways too. Some government officials believe they are trying to take advantage of research partnerships that American universities have with Chinese institutions.
Others have warned that Chinese intelligence agents in the US and elsewhere have tried to gather information on researchers themselves. The Trump administration ordered China on July 22nd to close its consulate in Houston In part because Chinese activists used it as an outpost to connect with medical experts in the city, according to the F.B.I.
Chinese intelligence officials focus in part on universities because they see institutional data protection as less robust than that of pharmaceutical companies. However, espionage work is also increasing as researchers share more vaccine candidates and antiviral treatments for peer review, giving adversaries a better chance of gaining access to vaccine development formulations and strategies, said an American government official who was briefed on the information.
So far, officials believe foreign spies have stolen little information from the American biotech companies they targeted: Gilead Sciences, Novavax, and Moderna.
At the same time, the UK electronic surveillance agency G.C.H.Q. learned about the Russian efforts and the American secret service learned about the Chinese hacking attacks, the Department of Homeland Security and F.B.I. sent teams to work with American biotech teams and strengthen the defenses of their computer networks.
The Russian effort announced by British, American and Canadian intelligence agencies in Julymainly focused on gathering information on research from Oxford University and its pharmaceutical company partner AstraZeneca.
School openings ›
Back to school
Updated September 4, 2020
The latest on how schools are reopening amid the pandemic.
- At least there was 51,000 coronavirus cases The latest survey by the New York Times shows that since the pandemic began at more than 1,000 American universities.
- SUNY Oneonta In-person classes have been canceled and students have been sent home because of a coronavirus outbreak.
- Millions of students in Latin America they are leaving their studies because of the pandemic.
- Professional license reviews have been severely disrupted by the coronavirus, making it difficult newly trained lawyers, doctors and others to start their careers.
The Russians caught trying to get vaccine information belonged to Cozy Bear group, a collection of hackers belonging to the S.V.R. Cozy Bear was one of the hacking groups that broke into Democratic computer servers in 2016.
Homeland Security officials have warned pharmaceutical companies and universities of the attacks and helped institutions verify their safety. For the most part, officials have observed that potential vaccine hackers are exploiting known vulnerabilities that have not yet been fixed, rather than the more exquisite cyber weapons that target unknown vulnerabilities in computer security.
No company or university has announced data theft as a result of the publicly identified hacking efforts. However, according to an American government official, some hacking attempts at least managed to penetrate the defense in order to get into computer networks. And hackers for China and Russia test weaknesses every day, according to intelligence officials.
“It really is a race against time for good people to find and patch the vulnerabilities, deploy those patches before the adversary finds and exploits them,” said Bryan S. Ware, assistant director of cybersecurity for the Department of Homeland Security Agency for cybersecurity and infrastructure security. “The race is closer than ever.”
While only two teams of hackers, one each from Russia and China, have been publicly identified, several teams of hackers from almost every intelligence agency in these two countries have attempted to steal vaccine information, according to law enforcement and intelligence officials.
Russia announced on August 11th that it had approved a vaccine, a statement that immediately raised suspicions that at least the work of its espionage agencies aided its scientists in stealing research information from other countries.
American officials insist that their own espionage services’ efforts are defensive and that intelligence agencies have not been directed to steal coronavirus research. But other current and former intelligence officials said the reality is nowhere near as black and white. As American intelligence agencies try to find out what Russia, China, and Iran may have stolen, they may come across and gather information about research from these countries.
Officials expressed concerns that further hacking attempts could undermine vaccine development efforts. Hackers extracting data could accidentally – or deliberately – damage research systems.
“When an opponent smash-and-grab, it’s even more likely that they’re not only stealing information but also somehow disrupting the victim’s networks of operations,” Ware said.
While some of Russia’s and China’s espionage may have been aimed at reviewing their own research or looking for abbreviations, some current and former officials have raised the possibility that countries wanted to instead instill suspicion about a possible vaccine from Western countries.
Both Russia and China have already spread disinformation about the virus, its origins and the virus American answer. In particular, Russian intelligence agencies are laying the groundwork for more aggressive efforts to escalate the anti-vaccine movement in the West and could use allegations of espionage to add traction to their narrative.
Russia has a long tradition of increasing divisions in American society. Current and former national security officials believe that Russia will eventually spread disinformation about vaccines approved in the West.
“This case seems to be a throwback to the old Soviet Union,” said Fiona Hill, the former National Security Council official and Russia expert testified in the impeachment negotiations against President Trump. “Russia and the Chinese have carried out disinformation campaigns. What better way to create confusion and further weaken the US than to stimulate the antivax movement? But you make sure all of your boys are vaccinated. “
David E. Sanger and Ronen Bergman contributed to the coverage.