Chinese Hackers Steal $20m US Covid Relief Benefits

The US Secret Service has disclosed that Covid benefits worth millions of dollars have been stolen by the Chinese hacking group APT41, otherwise known as Winnti, which has links to the Chinese government. The money was extracted from a fund designed to help small businesses, including unemployment insurance funds and SBA loans in more than twelve US states.

The hackers successfully took advantage of the chaos caused by the pandemic, and other parts of the US and further afield are likely to have been hit with similar attacks. “It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, the national pandemic fraud recovery coordinator for the Secret Service, told NBC.

APT41, a state-sponsored hacker group located in the southwestern Chinese city of Chengdu, is believed to be behind the attack. The group, a notorious criminal operation that has carried out a variety of government-supported hacks and commercially motivated data breaches, is the prime suspect.

The campaign began in mid-2020 and impacted 2,000 accounts associated with more than 40,000 financial transactions.

It’s unclear at this stage whether the group was specifically given orders to steal the funds or if government handlers simply looked the other way. According to reports, cyber criminals started siphoning off a sizeable portion as soon as state governments started distributing Covid unemployment funds in 2020. 

The federal pandemic unemployment funds totaling $872.5 billion have suffered a high degree of fraud and have an 'improper payment rate' of 20%, according to the Labor Department’s Office of Inspector General.

US government officials from several agencies believe the true cost of the fraud is likely higher. Indeed, the Labor Department has told Congress that an extensive analysis of four states revealed 42.4% of pandemic benefits were paid incorrectly in the first six months.

The Secret Service said it has been able to recover around half of the stolen $20m, although this is a minor sum compared to the amount lost through Covid-related fraud.

Sources: TEISS, Pymnts, NBC, NYPost, TechMonitor, Daily Mail, Infosecurity-Magazine
