Are Chinese hackers targeting COVID-19 research? Is your business next?

You may have seen the news that the US has claimed hackers working for the Chinese government are trying to steal valuable research on coronavirus vaccines and treatments from U.S. health care, pharmaceutical and research organisations.

It’s inevitable that organisations dealing with sensitive data related to coronavirus will be prime targets for cyber-attacks, data theft in particular. In recent times we’ve seen a specific increase in attackers targeting employees, using tactics such as phishing to compromise accounts.

In fact, our X-Labs team saw a rise in unwanted emails (malicious, spam or phishing) containing embedded URLs using the keywords of COVID or coronavirus from negligible values in January 2020 to over half a million blocked per day the end-of-March onwards. As hackers now target people, not silicon, organisations need cyber security solutions that address that.

We’re operating in a heightened environment where nation states – as well as cybercriminals acting for financial gain – can exploit the associated human stressors with our current situation to get to money or valuable intellectual property by exploiting the work-from-home model or hiding in the noise generated by all these on-going changes in the infrastructure.

It’s therefore critical for organisations to understand the context behind user interactions with data and systems – for instance, security teams can respond faster if they knew someone was acting outside of their normal work routine or were trying to access files they typically don’t interact with. Having the ability to observe behaviours and adapt protection to changing levels of risk is critical to preventing and mitigating cyberattacks.

If they happen, breaches will also often leave a digital trail or breadcrumbs, such as emails, web traffic or uncommon application use that indicate unusual behaviour, which organisations should learn from to shore up their defences in the future.


Nicolas Fischbach is the Global CTO of cyber-security company Forcepoint, the leading user and data protection cybersecurity company, entrusted to safeguard organisations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.