A group of Chinese hackers stole at least $20 million in COVID-19 relief funds from the US government, the Secret Service said on Monday.
A Secret Service spokesman told NBC News that APT41, a Chinese state-sponsored cyber criminal group, was responsible for stealing millions of dollars from the government coffers. These funds included small business loans and unemployment relief in more than a dozen states, the spokesman told NBC.
The Secret Service also told NBC in a statement that it considers APT 41 a “Chinese state-sponsored, cyberthreat group that is highly adept at conducting espionage missions and financial crimes for personal gain.”
A March report from Mandiant, a cybersecurity firm, revealed how the computer networks of at least six state governments were hacked by APT41 in 2021.
“The United States is target No. 1 because we are competitor No. 1,” Nathaniel Fick, the head of the state department’s cyberspace and digital policy bureau, told NBC. “It’s a really comprehensive, multi-decade, well-considered, well-resourced, well-planned, well-executed strategy.”
Roy Dotson, a pandemic fraud recovery coordinator at the Secret Service, also told NBC that he thought it was likely that APT41 targeted funds in all 50 states. On CNN on Monday, Dotson also said APT41 is a “notable player” in the “more than 1,000 ongoing investigations involving transnational and domestic criminal actors defrauding public benefits programs.”
Speaking to Reuters, representatives from China’s Washington embassy said China has “firmly opposed and cracked down on all forms of cyber theft and hacking.” The embassy called hacking accusations against China “groundless.”
Representatives for the Secret Service and the Chinese embassy in Washington did not immediately respond to Insider’s requests for comment.
At least one US state has moved to retaliate against Chinese entities they suspect could pose a security threat. Maryland issued an emergency directive on Tuesday banning state agencies from using TikTok, as well as other Chinese and Russian technology including those from Huawei, ZTE, Alibaba, Tencent, and Kaspersky.
Products from these companies “present an unacceptable level of cybersecurity risk to the State,” and the state has a “reasonable belief that they participate in activities including collecting sensitive personal information inappropriately, cyber-espionage disinformation or misinformation campaigns, and surveillance of government entities,” Maryland’s top information security officer said in the directive.
A TikTok spokesperson told Insider the concerns driving such bans are “largely fueled by misinformation.”
“We are disappointed that the many state agencies, offices, and universities that have been using TikTok to build communities and connect with constituents will no longer have access to our platform,” the spokesperson said.
Huawei, ZTE, Alibaba, Tencent, and Kaspersky did not immediately respond to Insider’s requests for comment.
Read next
Listen to The Refresh, Insider’s real-time news show
Listen to The Refresh, Insider’s real-time news show