FBI offers US companies more details from investigations of health care hacking

The memo includes multiple examples of state-linked hackers trying to compromise organizations in the health care and public health sector.

The FBI has provided U.S. companies more information on the extent of recent criminal and foreign government-backed hacking operations against the health care sector and warned of ongoing efforts to steal U.S. research data.

Criminal and state actors continue to target U.S. clinical trial data, trade secrets, and the “sensitive data and proprietary research of U.S. universities and research facilities,” the FBI told industry in an advisory this week. “Likely due to the current global public health crisis, the FBI has observed some nation-states shifting cyber resources to collect against the [health care and public health] sector, while criminals are targeting similar entities for financial gain.”

The advisory, which CyberScoop obtained, includes multiple examples since February of state-linked hackers trying to compromise and retain access to the networks of organizations in the U.S. health care and public health sector. It is the latest in a series of warnings from U.S. officials about similar cybersecurity incidents as the race for a coronavirus vaccine intensifies.

In one case, a “health care-related company” told the FBI about suspected government-backed hackers that accessed the company’s network, installing a “backdoor’ for persistent access. In another, likely government-sponsored operation, hackers carried out a months-long campaign against a U.S. research organization, making “extensive attempts to regain access to the network,” the bureau said. The FBI did not identify the governments responsible for the activity.


The memo also describes a ransomware attack on a biological research facility, which recovered from the incident through digital and paper backups.

‘Data manipulation and deletion attempts’

Since the outbreak of the virus, which has killed more than 329,000 people worldwide, multiple health care companies have been rocked by ransomware attacks.

“Specific to COVID-19 related research, data manipulation and deletion attempts could undermine the credibility and integrity of ongoing research efforts and the results of clinical trials, delaying the delivery of a potential vaccine and treatment,” the FBI said.

The private warning follows the U.S. government’s accusation last week that hackers linked with the Chinese government were trying to steal U.S. research into a coronavirus vaccine. China denied the allegation.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts