Tuesday, September 8, 2020

Corona Daily 334: The Spy Wars


There is not one vaccine race but two. One race is to develop it; the second to steal it.
*****

According to the American intelligence agencies, Chinese hackers have been trying to steal American research work on vaccines. The hackers have focused their efforts on universities and schools where research is conducted. They are softer targets than the pharmaceutical companies. The University of North Carolina was among those where Chinese hackers tried to break in. Agents are educating those bodies on how to protect their data and research better.

China works on several fronts. Their operatives extract information from the World Health Organization. There is some truth in Trump’s accusation of China’s disproportionate influence on WHO. (Taiwan is not allowed in the WHO meetings despite all other countries supporting its inclusion). China allegedly uses that influence to understand which vaccine research efforts are more promising. (Steal only what is the most promising).
*****

On 21 July, two Chinese hackers, Li Xiaoyu and Dong Jiazhi, were indicted by the US Justice Department. They sometimes worked on behalf of the Chinese state, and sometimes as private freelancers. In 2015, Obama and Xi had signed a pact promising to stop the theft of technological know-how. Its effect lasted 18 months. Then Li and Dong became active. As early as 27 Jan, 2020, the pair hacked a Massachusetts biotech firm researching a vaccine. In February, they breached a Californian company researching a coronavirus drug. In May, they burgled another Californian firm developing virus testing kits.

The Chinese hackers first broke into the networks of employees or customers. Then, impersonating them, they gained access to the pharma companies. They could smoothly steal source code from the software companies. Li and Dong rummaged through the “recycle bins”, where files are available but rarely seen by the system administrators. The hackers can also manipulate or corrupt the data by changing the file names or the data itself.

Though the American justice system held them guilty, of course they suffer no sentence. They are based in China, well paid by the Chinese government. China has no extradition treaty with the USA.

The next day, the Trump administration closed the Chinese consulate in Houston, Texas, accusing the Chinese staff of spying.
*****   

Russian hackers are the other menace. The Chinese generally focus on stealing intellectual property and technology. Russia’s cyber espionage aims at things like election interference, thereby weakening its geopolitical rivals.

This year, Russia is focused on stealing research by Oxford/AstraZeneca. British, American and Canadian agencies complained about the Russian hacking. On 16 July, the National Cyber Security Center published a 16-page detailed advisory.

Russia has two hacker groups with wonderful names: Cozy Bear and Fancy Bear. You may remember them from the 2016 US presidential election. They are believed to be connected to different offshoots of the KGB. Cozy Bear is part of Russia’s foreign intelligence service (SVR). Fancy Bear is linked to the military intelligence agency GRU (whose agents went to Salisbury to admire a cathedral).

A Kremlin spokesman denied the accusations, saying he didn’t know who could have hacked the research in Britain. But then, the same spokesman didn’t know who poisoned the Skripals or Navalny either.

After the Russian vaccine announcement, the Oxford scientists expressed surprise at the resemblance between their vaccine approach and the reported work of the Russians. If the Oxford suspicions are true, Russia wouldn’t need to conduct large scale trials. They can simply rely on the Oxford trial results.
*****  

Ravi
