House Minority Leader Kevin McCarthy (R-Calif.) on Tuesday introduced legislation to sanction foreign hackers involved in attempts to target and steal research on COVID-19 vaccines and treatments.
The Defend COVID Research from Hackers Act would allow the president to impose sanctions on foreign individuals engaging in hacking activity that compromises economic and national security or public health and freeze any American assets of these individuals.
The bill also requires the secretary of State, in consultation with the director of national intelligence, to submit a report to Congress within 180 days of the bill’s passage on “the extent of known cyber-enabled activities or attempted cyber-enabled activities” around COVID-19.
McCarthy said in a statement that Congress should take steps to protect American researchers working on a “Victory Vaccine” to combat COVID-19, vowing that the U.S. would share any vaccine it developed with the world.
“We have seen that other nations – like China – use this virus to exploit other countries for political advantages,” McCarthy said. “We refuse to allow our innovation to be exploited by China, Russia, or any other hackers. We are going to protect the cure from falling into the wrong hands so that no one can use it as leverage for their own malicious ends.”
He emphasized that “the stakes are too high for these significant cyber crimes to go unpunished. My legislation will hold these criminals accountable.”
Rep. Mark Green (R-Tenn.) proposed the addition of the bill to the National Defense Authorization Act (NDAA) on the House floor Tuesday directly before the House was scheduled to vote on the overall legislation, arguing that foreign efforts to target COVID-19 research, particularly from Chinese actors, should not go unpunished.
“Americans are dying, China is hacking and we in Congress must act,” Green said. “Hacking American intellectual property will not be tolerated, especially when it jeopardizes the lives of Americans. If we can’t agree on punishing those who hack the heroes fighting for a cure for COVID, I don’t know what we can agree on.”
This attempt failed, with the House voting the bill down by a vote of 219-201, mostly along party lines.
House Armed Services Committee Chairman Adam Smith (D-Wash.), speaking for Democrats, objected to the bill being included without House members having the chance to fully examine it and warned that adding the legislation to the NDAA could jeopardize passage of the overall defense spending bill.
“Legislatively, this is a terrible idea to introduce a 13-page sanctions bill at the last possible moment and expect us to vote on it,” Smith said on the House floor Tuesday. “This puts us in the very risky position of passing really bad legislation at the last second for no good reason.”
While Smith objected to including the bill in the NDAA, he emphasized that he supported the idea of penalizing foreign hackers targeting COVID-19 research, saying that “we absolutely need to hold accountable Russia, China, whoever wants to interfere in our process of developing a vaccine.”
The bill was introduced the same day the Justice Department indicted two Chinese hackers for targeting hundreds of businesses around the world over a 10-year span, with the individuals most recently going after U.S. groups involved in COVID-19 treatment and vaccine research.
Federal agencies in the U.S. and other nations have warned in recent months that foreign actors were attempting to steal data on COVID-19 research, with authorities in the U.S., the United Kingdom and Canada last week issuing an alert around Russian government-backed hackers targeting coronavirus research.