Skip to main content
The Globe and Mail
Support Quality Journalism
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
Just$1.99
per week
for first 24 weeks

Enjoy unlimited digital access
Enjoy Unlimited Digital Access
Get full access to globeandmail.com
Just $1.99 per week for the first 24 weeks
Just $1.99 per week for the first 24 weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(select.open)}function setPanelState(o){dom.root.classList[o?"add":"remove"](select.open),dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); }
Coronavirus information
Coronavirus information
The Zero Canada Project provides resources to help you make the most of staying home.
Visit the hub

A sign is seen at the headquarters of Moderna Therapeutics, in Cambridge, Ma., on May 18, 2020.

Brian Snyder/Reuters

Chinese government-linked hackers targeted biotech company Moderna Inc, a leading U.S.-based coronavirus vaccine research developer, earlier this year in a bid to steal valuable data, according to a U.S. security official tracking Chinese hacking activity.

Last week, the U.S. Justice Department made public an indictment of two Chinese nationals accused of spying on the United States, including three unnamed U.S.-based targets involved in medical research to fight the COVID-19 pandemic. The indictment states the Chinese hackers “conducted reconnaissance” against the computer network of a Massachusetts biotech firm known to be working on a coronavirus vaccine in January.

Moderna, which is based in Massachusetts and announced its COVID-19 vaccine candidate in January, confirmed to Reuters that the company had been in contact with the FBI and was made aware of the suspected “information reconnaissance activities” by the hacking group mentioned in last week’s indictment.

Story continues below advertisement

Hackers linked to China's government targeted biotech company Moderna Inc, a leading U.S.-based coronavirus vaccine research developer, earlier this year in a bid to steal valuable data, according to a U.S. security official tracking Chinese hacking activity. Reuters

Reconnaissance activities can include a wide range of actions, including probing public websites for vulnerabilities to scouting out important accounts after entering a network, cybersecurity experts say.

“Moderna remains highly vigilant to potential cybersecurity threats, maintaining an internal team, external support services and good working relationships with outside authorities to continuously assess threats and protect our valuable information,” spokesman Ray Jordan said, declining to provide further detail.

The U.S. security official, who spoke on condition of anonymity, did not provide further details. The FBI and the U.S. Department of Health and Human Services declined to disclose the identities of companies targeted by Chinese hackers.

Moderna’s vaccine candidate is one of the earliest and biggest bets by the Trump administration to fight the pandemic. The federal government is supporting development of the company’s vaccine with nearly half a billion dollars and helping Moderna launch a clinical trial of up to 30,000 people beginning this month.

China is also racing to develop a vaccine, bringing together its state, military and private sectors to combat a disease that has killed over 660,000 people worldwide.

A July 7 indictment released last week alleges that the two Chinese hackers, Li Xiaoyu and Dong Jiazhi, conducted a decade-long hacking spree that most recently included the targeting of COVID-19 medical research groups.

Prosecutors said Li and Dong acted as contractors for China’s Ministry of State Security, a state intelligence agency. Messages left with several accounts registered under Li’s digital alias, oro0lxy, were not returned. Contact details for Dong were not available.

Story continues below advertisement

The Chinese Embassy in Washington referred Reuters to recent Chinese Foreign Ministry comments that said: “China has long been a major victim of cyber thefts and attacks” and its officials “firmly oppose and fight” such activities. The Chinese government has consistently denied any role in hacking incidents across the globe. The embassy spokesperson did not address specific questions sent via e-mail.

The two other unnamed medical research companies mentioned in the Justice Department indictment are described as biotech companies based in California and Maryland. Prosecutors said the hackers “searched for vulnerabilities” and “conducted reconnaissance” against them.

The court filing describes the California firm as working on antiviral drug research and suggested the Maryland company had publicly announced efforts to develop a vaccine in January. Two companies that could match those descriptions: Gilead Sciences Inc and Novavax Inc.

Gilead spokesperson Chris Ridley said the firm does not comment on cybersecurity matters. Novavax would not comment on specific cybersecurity activities but said: “Our cybersecurity team has been alerted to the alleged foreign threats identified in the news.”

A security consultant familiar with multiple hacking investigations involving premier biotech firms over the last year said Chinese hacking groups believed to be broadly associated with China’s Ministry of State security are one of the primary forces targeting COVID-19 research, globally. This matches the description of the indicted hackers, as MSS contractors.

Our Morning Update and Evening Update newsletters are written by Globe editors, giving you a concise summary of the day’s most important headlines. Sign up today.

Report an error
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies