A US cancer research centre has been hit by a series of cyber attacks suspected to have been carried out by Chinese hackers.
The incidents are detailed in a new report aiming to shed light on the security challenges facing healthcare organisations around the world.
Researchers at the US security firm FireEye analysed dozens of attacks on healthcare organisations globally and observed a “concerted focus on acquiring healthcare research by multiple Chinese [Advanced Persistent Threat] groups”.
Cancer is the leading cause of death in China and the authors suggested “growing concern over increasing [mortality rates]” may have given rise to the attacks. “Another probable motivation for APT activity is financial,” the researchers noted. “[China] has one of the world’s fastest growing pharmaceutical markets, creating lucrative opportunities for domestic firms, especially those that provide oncology treatments or services.”
“Targeting medical research and data from studies may enable Chinese corporations to bring new drugs to market faster than Western competitors. The health centre, which has not been named in the report, was targeted using Evilnugget malware in early April as part of a phishing campaign that provided fake conference documents as a lure.”
Two Chinese threat groups, APT41 and APT22, have previously targeted the centre, according to FireEye, in attacks believed to have been conceived as part of efforts to acquire research.
Sign up to Emerging Threats, our weekly cyber security newsletter
In 2016, the then US president, Barack Obama, signed an agreement with his Chinese counterpart, Xi Jinping, in an attempt to bring an end to state-sponsored theft of intellectual property.
In the weeks following the agreement, Chinese commercial hacks fell by around 90 per cent, but have been on the rise again since 2016. The issue is likely to remain a key driver of trade talks between the US and China over the coming months.