Chinese state-sponsored hacking groups have stolen at least $20 million from the US government, the Secret Service has claimed.
The hackers reportedly targeted Covid-19 relief funds – US taxpayer money that was intended to help private sector companies and workers survive the devastating pandemic.
Some call the group blamed for stealing taxpayer money APT41, or Wicked Panda, which some have also dubbed Barium.
A matter of national security
This appears to be the first time the US government has publicly acknowledged pandemic fraud linked to a foreign state-sponsored actor — but chances are, it won’t be the last time, as there are currently more than 1,000 investigations into possible transnational and domestic fraud incidents.
“You would be crazy to think that this group didn’t target all 50 states,” said Roy Dotson, the National Fraud Recovery and Epidemic Fraud Coordinator for the Secret Service. NBC News (Opens in a new tab).
It is unknown if the Chinese government ordered APT41 to attack the US government, or if the group was operating on its own, while turning a blind eye to the local government. Whatever the case, senior Justice Department officials are calling it a “serious” event with serious national security implications.
The Chinese Embassy in the US is keeping silent on the matter, despite their previous interactions on these matters, it is safe to assume that they will deny any involvement in any cybercriminal activity.
Ever since the Covid unemployment funds were formed, in 2020, cybercriminals have been all over the place. In fact, according to figures from the Labor Department’s Office of Inspector General, a fifth (20%) of the $872.5 billion fund was presented “improperly,” with the actual scale of fraud likely to be much greater.
NBC News reports that an in-depth analysis of four states showed that 42.4% of pandemic benefits are being paid incorrectly, in the first six months of the year.