Today the Federal Bureau of Inquiry announced that they were
opening a formal espionage inquiry into activities at the medical device manufacturer,
MedDevice. The FBI’s investigation was apparently started due to the recent non-hacking
case investigation initiated by the CSA’s Critical Infrastructure Security
Operations Center (CI-SOC).
Johnathan Quest, FBI spokesperson, told reporters that the
Agency had been initially brought into the investigation because of the ‘data
exfiltration’ investigation initiated by CI-SOC. “At that point we were looking
into an apparent cyberattack on the company,” Quest said; “But when MedDevice
announced that the ‘data exfiltration’ was part of a routine data transmission
to their manufacturing partner, MedZS, we became concerned because of known
associations of that company with the Chinese PLA.”
The investigation is apparently being based upon recent
changes to the espionage statutes making it a crime to provide information obtained
in federally sponsored research on COVID-19 related matters to foreign
governments or military without the express approval of the federal government.
MedDevice obtained a grant to support their development of the COVID-19 rapid
test device. The Peoples Liberation Army is not on the short list of foreign governments
or militaries that are exempt from the data sharing limitations.
General Buck Turgidson (Ret), Director of CI-SOC, assured
reporters that his organization did not share a copy of the original data
exfiltration with the FBI. “Our mandate is clear,” the General said; “We are prohibited
from sharing data obtained during our monitoring of partner facilities without
their permission. We brought the FBI in because we had information of a
potential crime, an apparent attack on the information systems at MedDevice.”
Quest confirmed that the FBI has not yet seen a copy of the
data sent to China. “Our investigation was initiated based upon the statements from
T. John McIntyre, President of
MedDevice,” he said; “Once we confirmed that MedZS was a wholly owned subsidiary
of the PLA we started a formal investigation. We will be formally requesting a
copy of the data sent to MedZS from the CI-SOC later today.”
Turgidson confirmed that the law authorizing the establishment
of the CI-SOC would require his organization to supply the Justice Department
with a copy of the intercepted files when they provided him with a subpoena
based upon an ongoing Federal investigation. “We are required to maintain
copies of our intercepts for seven days for just this reason.” Turgidson
explained.
Rep. Milk (D,CA) noted that privacy issues like this was one
of the problems that some legislators had with the bill authorizing the CI-SOC.
“We wanted to ensure that facilities signing up for the security monitoring did
not need to be concerned with CSA sharing any information being shared by the
facility would be able to be used in regulatory actions,” Milk said in a press
release; “We may need to review this incident to see if CI-SOC and the FBI
overstepped their bounds in this incident.”
No comments:
Post a Comment