Chinese and Russian Hackers Targeting COVID-19 Vaccine Research

2 minute read | August.04.2020

The latest development in the Department of Justice’s “China Initiative” occurred earlier this month, as the DOJ unsealed an 11-count indictment charging two Chinese nationals with stealing hundreds of millions of dollars’ worth of “trade secrets, intellectual property, and other valuable business information”— including potential COVID-19 research.  The two Chinese hackers allegedly worked for their own benefit and together with the Ministry of State Security, China’s intelligence and security agency, to infiltrate the electronic networks of a number of targets including several American biotech firms “publicly known for work on COVID-19 vaccines, treatments, and testing technology.”

The DOJ’s indictment alleges a lengthy and wide-ranging scheme that lasted over a decade and targeted companies in a number of countries, including the United States, Germany, Japan, the United Kingdom, Netherlands, Spain, and Australia.  Though media reports analyzing the indictment have focused on the COVID-19 research referenced therein, in fact the indictment is much broader.  Targeted industries included, among others, “high tech manufacturing; medical device, civil, and industrial engineering; business, educational, and gaming software; solar energy; pharmaceuticals; [and] defense.”  The trade secrets allegedly stolen by the Chinese hackers included intellectual property from at least eight known victims, which consisted of source code, technology designs, manufacturing processes, test mechanisms and results, and pharmaceutical chemical structures.  In recent months, the two Chinese hackers allegedly searched for vulnerabilities and conducted reconnaissance on the electronic networks of American companies known publicly to be working on COVID-19 vaccines and antiviral drugs.

The COVID-19 research theft allegations follow recent claims from several Western intelligence agencies, including the United States, United Kingdom, and Canada, that hackers linked to the Russian government attacked academic and pharmaceutical research institutions involved in COVID-19 vaccine development.

Like the four Chinese nationals who allegedly hacked into the computer network of Equifax covered here, the two charged hackers in this case will likely never be prosecuted in the U.S.—unless they travel outside of China.  However, it is apparent the DOJ will continue its focus on the investigation and prosecution of intellectual property and trade secret theft, even if it is conducted by individuals aided and protected by foreign governments.  Indeed, this is the first indictment that alleges China is protecting criminal hackers in return for their services.

In our initial post summarizing the “China Initiative,” we encouraged U.S. companies operating in China and Chinese companies to remain on guard for trade secret issues.  These recent and high-profile developments only further emphasize that guidance.