US and China could be on the verge of a damaging cyberwar. Image: Youtube/CNN/Screengrab

SYDNEY — High-level cyberattacks on facilities researching Covid-19 vaccines have alarmed Australia and the United States, with defense strategists urging them to confront China, the nation widely believed to be responsible for them.

The United States Studies Center at the University of Sydney, which receives part of its funding from the Australian government, said on Tuesday (June 23) that the US and Australia should jointly protect vulnerable medical sectors.

Health research and vaccines “are things that are almost universally considered off-limits for geopolitical rivalry,” warned Ashley Townshend, director of foreign policy and defense studies at the respected think tank.

“While all countries engage in underhanded activities in their national interest – this is one domain which I think the world really wants to see international progress on,” said the researcher.

Australian Prime Minister Scott Morrison revealed on Friday (June 19) that multiple tiers of government, business and academia had been targeted in a series of cyber incidents, including hospitals and education facilities.

Security agencies in the US also warned that China was attempting to steal American research to develop Covid-19 vaccine and treatments. Beijing has made it clear that China wants to produce and distribute the first coronavirus vaccine.

Major pharmaceutical companies, institutes and universities across the world are working on Covid-19 vaccine research. Image: WHO

At least a dozen research centers are helping to develop or test potential Covid-19 treatments and vaccines in Australia, as well as pharmaceutical firms and academic faculties. Many have links to overseas projects. 

University of Queensland will launch human trials of a vaccine candidate in July, after signing a partnership with pharmaceutical company CSL and the global Coalition for Epidemic Preparedness Innovations. It hopes to produce up to 100 million doses of the vaccine by the end of next year.

Monash University in Melbourne reported a breakthrough on Monday (June 22) with the new antiviral drug α-ketoamide, after their research confirmed that it can protect against the virus. The improved version of α-ketoamide, an existing drug, was developed by researchers in Germany.

A laboratory at the Westmead Children’s Hospital in Sydney is conducting research to see whether the Bacillus Calmette–Guérin (BCG) tuberculosis vaccine can protect medical staff from possible Covid-19 lung infections. 

Morrison did not say why the medical sector had been targeted, or who was behind the attacks, but said it involved a “state-based actor with very significant capabilities.” 

Analysts said China, Russia, Iran, North Korea and Israel and the Five Eyes intelligence-sharing network comprised of the US, Australia, United Kingdom, Canada and New Zealand were the only countries with this high-level of capability.

Cyberattacks on medical research facilities could hobble the development of a Covid-19 vaccine. Photo: AFP/Jaap Arriens/NurPhoto

Cybersecurity firms have tagged increased spying activity by a suspected Chinese group since late January, when Covid-19 cases were first reported. FireEye said there were “multiple possible explanations” for the upsurge in cyber attacks, including clashes between China and Western countries over the virus.

Its report said the attacks were “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.” The company believed that Chinese government contractors were to blame.

Responding to Morrison’s comments, Beijing denied that it was behind any attacks, insisting instead that it was a constant victim of cyber raids. “The attacks coming from institutes against China are totally baseless nonsense,” said Chinese Foreign Ministry spokesperson Zhao Lijian. 

Australian defense analysts said it was unclear whether those responsible were trying to steal research data or simply sow uncertainty, noting that while the attacks were fairly sophisticated, they were also easy to detect.  

The government-run Australian Cyber Security Center said no destructive activity had taken place, while the codes, web shells and other tools used were “copied almost identically from open source” and mostly exploited known vulnerabilities in online software like SharePoint and Citrix.

A top-secret defense review last year revealed that Australia could not cope with a sustained cyber operation targeting essential services such as medicines, fuel and components for power grids. It was released in May this year following a freedom of information request by a media group.

Companies providing infrastructure and utilities like electricity and water were among those attacked in the latest incidents. There is speculation that Australia will soon release new cyber safeguards for private businesses. 

Included in last year’s study was modeling for a possible pandemic from Asia as a likely threat within 10 years. Medical facilities have experienced shortages of essential equipment during the virus crisis, with tons of face masks, sanitizers and other gear snapped up by agents for Beijing and shipped to China.