According to a new report, hackers affiliated with the Chinese government stole at least $20 million in U.S. COVID relief funds.
The Secret Service declined to disclose any specifics but acknowledged an NBC News claim that the Chinese hacking team responsible is known in the security research community as APT41 or Winnti.
According to analysts, APT41 is a prolific cybercriminal gang that has carried out a mix of government-backed cyber incursions and financially driven data breaches.
The theft of public money, including SBA loans and unemployment insurance funds, in over a dozen states is the first case of pandemic fraud linked to foreign, state-sponsored cybercriminals that the U.S. government has openly acknowledged, but it may only be the tip of the iceberg.
According to NBC, other federal investigations into pandemic fraud appear to tie back to foreign state-affiliated hackers.
The U.S. Justice Department indicted several members of the hacking group in 2019 and 2020 for spying on more than 100 businesses, including software development companies, telecommunications providers, social media companies, and video game developers.
"Regrettably, the Chinese Communist Party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China," former Deputy Attorney General Jeffrey Rosen said.
Cybercriminals began siphoning off a considerable portion of COVID unemployment subsidies as soon as state governments began disbursing them in 2020.
The Labor Department's Office of Inspector General found an inappropriate payment rate of around 20% for the $872.5 billion in federal pandemic unemployment subsidies, while administration officials from numerous departments believe the full cost of the fraud is likely greater.
According to a thorough review of four states, 42.4% of pandemic payments were wrongly paid in the first six months, the department's investigator said last week in a report to Congress.
From April 2020 to May 2021, extra payments for unemployment benefits are expected to total more than $350 billion, according to a Heritage Foundation study of Labor Department data.
The theft itself is a worrying development that escalates the stakes, according to several current and former U.S. officials, regardless of whether the Chinese government ordered APT41 to steal money from American taxpayers or merely turned a blind eye.
A top Justice Department official described it as "dangerous" and claimed that it had significant ramifications for national security.