As concerns mount over China’s efforts to swipe intellectual property from U.S. companies – most recently COVID-19 vaccine research – the State Department has expanded its Clean Network program to protect U.S. critical telecommunications and technology infrastructure. Among the key objectives is to push vaccine research and other sensitive information to secured clouds.
The programs “are rooted in internationally accepted digital trust standards” and built on the 5G Clean Path initiative to secure data that travels on 5G networks into U.S. diplomatic posts overseas as well as within the U.S., Secretary of State Mike Pompeo said in a release.
The U.S. government has recently taken steps to curb efforts by China and Russia to steal COVID-19 vaccine research. Late last month, the Justice Department charged two Chinese hackers working with the Ministry of State Security for allegedly hacking into the systems of hundreds of companies, governments, NGOs, dissidents, human rights activists and even clergy. During that campaign that extended more than a decade, the hackers snagged intellectual property and proprietary business research, and more recently targeted companies developing COVID-19 vaccines, testing and treatments.
Earlier in the month, officials in the U.S., U.K. and Canada warned that Russia’s Cozy Bear, APT29, is actively trying to steal Covid-19 vaccine research by hacking vaccine trials and dropping WellMess and WellMail malware.
“APT29’s campaign of malicious activity is ongoing, predominantly against government, diplomatic, think tank, healthcare and energy targets to steal valuable intellectual property,” the U.K.’s National Cyber Security Centre (NCSC) noted in an advisory at the time.
Pressing U.S. allies and partners in government and industry worldwide to help “secure our data from the CCP’s surveillance state and other malign entities,” Pompeo said the Clean Network expansion includes:
- Clean carrier. Ensures untrusted People’s Republic of China (PRC) carriers are not connected with U.S. telecommunications networks.
- Clean store. Removes untrusted applications that threaten privacy, spread viruses and perpetuate disinformation from U.S. mobile app stores.
- Clean apps. Prevents untrusted PRC smartphone manufacturers – Pompeo pointed to Huaweii – from pre-installing, or make available for download, trusted apps in their apps store.
- Clean cloud. Prevents the most sensitive personal information and valuable intellectual property of businesses, including COVID-19 vaccine research, from being stored and processed on cloud-based systems that are accessible to foreign adversaries via companies such as Alibaba, Baidu and Tencent.
- Clean cable. Ensures the undersea cables connecting the U.S. to the global internet are not subverted for intelligence gathering by the PRC at hyper scale.