An American healthcare centre specialising in cancer research has been targeted by a series of cyber attacks suspected to have been carried out by Chinese hackers.
The incidents are detailed in a new report aiming to shed light on the barrage of attacks facing healthcare organisations around the world.
Analysts at the US security firm FireEye analysed dozens of attacks on healthcare organisations globally and attempted to identify the motives behind them.
They observed a “concerted focus on acquiring healthcare research by multiple Chinese APT groups”, according to the study’s authors, who noted that China’s “growing concern over increasing cancer [rates]” may have paved the way for the attacks.
“Another probable motivation for APT activity is financial,” the researchers wrote. “[China] has one of the world’s fastest growing pharmaceutical markets, creating lucrative opportunities for domestic firms, especially those that provide oncology treatments or services.
“Targeting medical research and data from studies may enable Chinese corporations to bring new drugs to market faster than Western competitors. The health centre, which has not been named in the report, was targeted using Evilnugget malware in early April as part of a phishing campaign that provided fake conference documents as a lure.”
Two Chinese threat groups, APT41 and APT22, have previously targeted the centre, according to FireEye, in attacks believed to have been conceived as part of efforts to steal research.
Sign up to Emerging Threats, our weekly cyber security newsletter
In 2016, the then US president, Barack Obama, signed an agreement with his Chinese counterpart, Xi Jinping, in an attempt to bring an end to state-sponsored theft of intellectual property between the two nations.
In the months following the agreement, Chinese commercial hacks fell by around 90 per cent, but have been on the rise again since 2016. The issue is likely to remain a key driver of trade talks between the US and China over the coming months.