U.S., U.K. officials warn of cyberattacks on hospitals, research facilities

WASHINGTON — Law enforcement agencies in the U.S. and the U.K. are citing an increase in "malicious cyber campaigns" targeting hospitals, medical institutions and others involved in responding to the COVID-19 pandemic.

Two U.S. law enforcement officials told NBC News that the increased amount of information hospitals are collecting on patients because of the pandemic, as well as any research that could lead to the development of a vaccine, is highly sought after by hackers working on behalf of foreign governments, including China's.

On Tuesday, the U.K.'s National Cyber Security Centre and the U.S. Department of Homeland Security updated their joint April 8 warning to hospitals and other medical institutions, saying hackers "may seek to obtain intelligence on national and international health care policy or acquire sensitive data on COVID-19 related research."

The updated joint advisory does not specifically name China or any other suspected government or group, but it says the actors "frequently target organizations in order to collect bulk personal information, intellectual property and intelligence that aligns with national priorities."

While many barriers that typically limit cooperation among scientists from different countries have been broken down to advance COVID-19 research, the U.S. law enforcement officials said the U.S. remains vigilant about protecting its medical research from being exploited by China, in particular, because of the country's history of stealing U.S. biotech.

In January, the Justice Department charged a Harvard University professor and two Chinese nationals in three separate cases related to stealing biotech for the Chinese government. One of the nationals, Zaosong Zheng, 30, is alleged to have tried to smuggle vials containing cancer cell research out of the country by hiding them in a sock in his suitcase, which was discovered by law enforcement at Boston's Logan International Airport.

In January, Zheng's lawyer told The Washington Post that she was looking forward to a jury trial so her client could be found not guilty.

One tactic cyberattackers are now using against health care institutions is known as "password spraying," according to the advisory. The technique uses a single common word over many users on one network, in the hope that at least one account will be penetrated. The advisory also said outside contractors with access to medical information and research are often targeted.