Surprise, Surprise! Chinese Hackers Stole Millions in COVID Relief Funds

BeeBright / shutterstock.com
BeeBright / shutterstock.com

When the Federal Government announced that various funding for COVID relief would be available for the public, anyone with half a brain knew people would try to get their hands on these funds. Even if they didn’t make the grade to obtain them. It’s simply human nature to try and gain a leg up.

Recently though, the Secret Service announced that at least $20 million of that money was stolen by Chinese hackers. This marked the first time they publicly acknowledged these thefts, and it adds to the cases of Small Business Administration loans and unemployment insurance funds theft cases in over a dozen states. The hacking group behind this case is commonly known as “APT41” and many fear they may represent just the tip of the iceberg.

Roy Dotson, national pandemic fraud recovery coordinator for the Secret Service spoke with NBC News about the story. He explained that not only would it be a surprise if they didn’t target all 50 states, but he admitted that with over 1,000 active investigations the group is considered to be “a notable player.” He went on to explain they are labeled a “Chinese state-sponsored, cyber threat group that is highly adept at conducting espionage missions and financial crimes for personal gain.”

Ambassador Nathaniel Fick, head of the State Department’s Bureau of Cyberspace and Digital Policy also spoke with NBC News about the case. “The United States is target number one, because we are competitor number one. It’s a really comprehensive, multi-decade, well-considered, well-resourced, well-planned, well-executed strategy.”

With the Labor Department Office of Inspector General discovering that 20% of the $872.5 billion in COVID relief funds were handed out with an improper payout rate, suddenly the estimates of how bad the fraud has been could prove to be nothing but a horrible underestimation. With an additional audit of just four unnamed states, 42.4% of cases were discovered to have been improperly paid out.

This points the finger back at APT41. With their signature hacking of data and software to weaponize it against people or organizations, they have carved themselves out a pretty rich niche. They also take advantage of public disclosures about software vulnerabilities and exploit them to maximize their profits by taking advantage of those who do not do timely software updates.

Groups like APT41 are located across the globe. Their deep web and dark web connections keep them in business, and they have mastered the art of covering their tracks. While the Secret Service is adept at catching them, with each passing day it becomes more difficult to find out who is behind these attacks, and it becomes easier to destroy evidence.

With attacks like these from overseas, it also becomes more difficult to prosecute them for their crimes. China, North Korea, or even India will never hand over a hacker to the US for theft. They will “deal with it” themselves if they do anything at all. Complicating problems, even more, many of these hackers are working for the governments themselves, thus killing any incentive to do anything about the attacks.

The corruption inside the US government from decades of liberals sneaking inside to rot the country from the inside out only complicates things further. These groups have learned how to manipulate the system, and are determined to maximize what they can take from the country while lining their own pockets. These people are just as bad as groups like APT41, if not worse, and they too will never see prosecution. Perhaps it’s time we just do away with the handouts and make people prove why they need them before handing them out like Halloween candy.