Exclusive: China-backed hackers attacked vaccine firm COVID-19 Moderna


WASHINGTON (Reuters) – Hackers linked to the Chinese government attacked biotech company Moderna Inc (MRNA.O), a leading developer of U.S.-based coronavirus vaccine research, earlier this year in an attempt to steal valuable data, according to a U.S. security official who tracks piracy activity in China.

FILE PHOTO: A woman holds a small bottle labeled “COVID-19 Vaccine” and a medical syringe in this illustration taken on April 10, 2020. REUTERS / Dado Ruvic / Illustration / File Photo

Last week, the US Department of Justice released an indictment of two Chinese citizens accused of spying on the United States, including three unidentified US-based targets participating in medical investigations to combat the COVID-19 pandemic. The indictment claims that Chinese hackers “carried out a reconnaissance” against the computer network of a Massachusetts biotech company known to be working on a coronavirus vaccine in January.

Modern, which is based in Massachusetts and announced its candidate for the COVID-19 vaccine in January, confirmed to Reuters that the company had been in contact with the FBI and that the group of hackers mentioned the suspicion of “reconnaissance activities of information”. indictment of the week.

Recognition activities can include a wide range of actions, including investigating public websites for vulnerabilities to scan important accounts after entering a network, cybersecurity experts say.

“Moderna remains highly alert to potential cybersecurity threats, maintaining an internal team, external support services and good working relationships with external authorities to continually assess threats and protect our valuable information,” said spokesman Ray Jordan, who declined to provide more details.

The United States security official, who spoke on condition of anonymity, did not provide further details. The FBI and the US Department of Health and Human Services declined to reveal the identities of the companies that Chinese hackers attack.

Moderna’s vaccine candidate is one of the Trump administration’s first and biggest bets to combat the pandemic. The federal government supports the development of the company’s vaccine with nearly half a billion dollars and helps Moderna launch a clinical trial of up to 30,000 people starting this month.

China is also competing to develop a vaccine, which brings together its state, military and private sectors to fight a disease that has killed more than 660,000 people worldwide.

An indictment issued on July 7 last week alleges that the two Chinese hackers, Li Xiaoyu and Dong Jiazhi, carried out a wave of hackers that lasted more than a decade and that recently included the target of medical investigation groups in COVID-19.

Prosecutors said Li and Dong acted as contractors for China’s Ministry of State Security, a state intelligence agency. Messages left with multiple accounts registered under Li’s digital alias, oro0lxy, were not returned. Dong’s contact details were not available.

The Chinese Embassy in Washington referred Reuters to recent comments from the Chinese Foreign Ministry saying: “China has long been a great victim of robberies and cyber attacks” and its officials “strongly oppose and fight.” against such activities. The Chinese government has consistently denied any role in incident piracy worldwide. The embassy spokesman did not address specific email questions.

The other two unidentified medical research companies mentioned in the Justice Department indictment describe themselves as biotech companies based in California and Maryland. Prosecutors said the hackers “searched for vulnerabilities” and “conducted a reconnaissance” against them.

The court filing describes that the California firm is working on the antiviral drug investigation and suggested that the Maryland company had publicly announced efforts to develop a vaccine in January. Two companies that could match those descriptions: Gilead Sciences Inc (GILD.O) and Novavax Inc (NVAX.O)

Gilead spokesman Chris Ridley said the company does not comment on cybersecurity issues. Novavax had no comment on specific cyber security activities, but said: “Our cyber security team has been alerted to the alleged foreign threats identified in the news.”

A security consultant familiar with multiple piracy investigations involving top-tier biotech companies in the past year said that Chinese piracy groups believed to be widely associated with the security of China’s Ministry of State are one of the main forces that point to the investigation of COVID-19 worldwide. This matches the description of the accused hackers, as MSS contractors.

Reports by Christopher Bing and Marisa Taylor; Editing by Chris Sanders and Lisa Shumaker

Our Standards:Thomson Reuters Trust Principles.

.