Cybercriminals' New Target: COVID-19 Treatments and Vaccines

Alerts / May 15, 2020

In March 2020, the U.S. government took extreme measures to crack down on the spread of COVID-19, including largely shutting down international air travel. However, no quarantine, lockdown, or social distancing measure applies to cyberspace, where security threats have only seemed to increase over the course of the pandemic. On April 23, 2020, the Department of Justice (the “DOJ”) raised the alarm on a surge of cyberattacks against hospitals, research laboratories, healthcare providers, and pharmaceutical companies from abroad that are apparently aimed at harvesting intellectual property and information related to COVID-19 treatments and vaccines. As explained by John Demers, head of the DOJ’s National Security Division, “There is nothing more valuable today than biomedical research relating to vaccines for treatments for the coronavirus … whatever countries, company or research lab [that] develops that vaccine first and is able to produce it is going to have a significant geopolitical success story.”[1]

On May 13, 2020, the Federal Bureau of Investigation (the “FBI”) and Cybersecurity and Infrastructure Security Agency (“CISA”) followed with an “announcement to raise awareness of the threat to COVID-19-related research.” The announcement stated that the FBI is investigating the targeting and compromise of U.S. organizations conducting COVID-19-related research by cyber actors affiliated with China. The FBI and CISA urged all organizations conducting COVID-19-related research to maintain dedicated cybersecurity and insider threat practices and recommended some ways to do that.[2]

Institutions involved in COVID-19-related research, therefore, need to increase their vigilance and make sure that they employ best-in-class cybersecurity and data privacy policies to address these new risks.

The DOJ’s emphasis on preventing and prosecuting cyber-intrusions and economic espionage of biomedical and healthcare companies from abroad predates the onset of COVID-19. For example, Demers oversees the “China Initiative,” which was launched by then-U.S. Attorney General Jeff Sessions in November 2018 to “identify priority Chinese trade theft cases, ensure that we have enough resources dedicated to them, and make sure that we bring them to an appropriate conclusion quickly and effectively.” The China Initiative ramped up the DOJ’s efforts to combat China state-sponsored espionage, not just against traditional targets such as defense and intelligence agencies, but against targets such as research labs and universities as well.[3]

The DOJ has also brought cases against individuals for illegally obtaining medical-related trade secrets in the U.S. and exporting them for use abroad. For example, in January 2019, a Chinese national was sentenced to 27 months in prison after pleading guilty to six counts of unauthorized possession and attempted possession of trade secrets concerning medical devices used to treat cardiac and vascular devices that belonged to two former employers in the U.S. According to the DOJ, the defendant traveled to China multiple times, obtaining government-sponsored financing, and preparing to open a company in China to manufacture medical devices using the technology he misappropriated, but was apprehended before he could implement his plan.[4] More recently, in September 2019, an Ohio couple was charged with stealing exosome-related trade secrets concerning the research, identification, and treatment of a range of pediatric medical conditions from their former U.S. hospital employer. Without the hospital’s knowledge, in 2015, the defendants allegedly founded a Chinese biotechnology company and used the company to market products and services related to exosome isolation that the couple developed using the hospital’s resources and equipment. The defendants both face up to 10 years in prison for trade secret theft and up to 20 years for wire fraud.[5]

In response to the threat to COVID-19-related research, the Cyber Threat Intelligence League, boasting a network of more than 1,400 cyber security experts, is coordinating with U.S. authorities to take down threats as they arise. “They are trying to steal everything,” Ohad Zaidenberg, one of the group’s co-founders, said of the foreign threats, which include countries at risk of compromising intelligence such as China, Iran, and Russia.[6]

Companies should not just sit back and rely on the government to expose and address cyberthreats. Instead, particularly in the current remote-working environment, institutions involved in COVID-19-related research should make sure that they are taking the steps necessary to protect their systems and valuable research, including:

  • Implementing and maintaining effective security controls, including improving credential requirements and requiring multi-factor authentication.
  • Crafting efficient teleworking policies.
  • Educating employees to vet suspicious emails appropriately and recognize phishing scams.
  • Actively scanning web applications for unauthorized or anomalous access or activities.
  • Continuously updating systems to eliminate patchwork vulnerabilities in remote-working infrastructures.
  • Protecting access to remote meetings and the transmission of sensitive data.

These cybersecurity threats will not end with the pandemic. Companies should consult with experienced counsel, such as members of BakerHostetler’s CARES Act SWAT team, to ensure that their systems are capable of thwarting these cybersecurity threats.

Authorship Credit: Christina O. Gotsis, Jonathan B. New, Lynn Sessions and Patrick T. Campbell

[1] Zachary Cohen and Alex Marquardt, ‘They are trying to steal everything,’ US coronavirus response hit by foreign hackers, CNN, April 25, 2020,
[2] Public Service Announcement, Fed. Bureau of Investigation and Cybersecurity and Infrastructure Sec. Agency, “People’s Republic of China (PRC) Targeting of COVID-19 Research Organizations” (May 13, 2020),
[3] Press Release, U.S. Dept. of Just., “Attorney General Jeff Sessions Announces New Initiative to Combat Chinese Economic Espionage” (Nov. 1, 2018),
[4] Press Release, U.S. Dept. of Just., “Chinese National Who Stole Trade Secrets While Working for Medical Device Companies Sentenced to Federal Prison” (Jan. 28, 2019),
[5] Press Release, U.S. Dept. of Just., “Couple Who Worked at Local Research Institute for 10 Years Charged With Stealing Trade Secrets, Wire Fraud” (Sept. 16, 2019),
[6] Zachary Cohen and Alex Marquardt, supra note 1.

Baker & Hostetler LLP publications are intended to inform our clients and other friends of the firm about current legal developments of general interest. They should not be construed as legal advice, and readers should not act upon the information contained in these publications without professional counsel. The hiring of a lawyer is an important decision that should not be based solely upon advertisements. Before you decide, ask us to send you written information about our qualifications and experience.