The Secret Service recently disclosed that hackers linked to the Chinese Communist Party stole at least $20 million in coronavirus relief benefits.
While it is known that theft of state unemployment funds related to the Chinese coronavirus was committed, this is the first time the U.S. government has publicly acknowledged that thievery was also committed by foreign, state-sponsored cybercriminals, according to a report by NBC News.
The Secret Service said that Small Business Administration loans and unemployment insurance funds experienced theft of taxpayer funds in over a dozen states. Law enforcement and cybersecurity experts added that the theft committed by this hacking group — known as APT41 — may be the tip of the iceberg.
“It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, national pandemic fraud recovery coordinator for the Secret Service, told NBC News.
The Secret Service added that there are more than 1,000 ongoing investigations involving transnational and domestic criminals defrauding taxpayer funds and that APT41 is “a notable player.”
The foreign hacking group is considered a “Chinese state-sponsored, cyber threat group that is highly adept at conducting espionage missions and financial crimes for personal gain,” the Secret Service said in a statement.
APT41 had reportedly become the “workhorse” of cyber hacking that benefits the Chinese Communist Party, cyber experts and officials from multiple agencies say.
Cyber experts and officials also noted that the Chinese government may direct a hacking group to attack a certain target.
“The United States is target number one, because we are competitor number one,” Ambassador Nathaniel Fick, head of the State Department’s Bureau of Cyberspace and Digital Policy, told NBC News.
“It’s a really comprehensive, multi-decade, well-considered, well-resourced, well-planned, well-executed strategy,” Fick added.
The report added that the Labor Department Office of Inspector General has discovered an improper payment rate of about 20 percent of the $872.5 billion in federal coronavirus-related unemployment funds, and that the true cost of the fraud might actually be higher.
Additionally, an analysis of four states showed 42.4 percent of coronavirus benefits were paid improperly in the first six months.
APT41’s methods reportedly include hacking software and weaponizing it against users, such as businesses and governments. The group also tracks public disclosures about security flaws in software, and uses the information to target users who do not immediately update their software.