US researchers leveraged some of the world's most powerful supercomputers, including the ALCF's Theta system at DOE's Argonne Lab to advance their  understanding of COVID-19. Argonne high-speed supercomputing and artificial intelligence to rapidly screen billions of potential drug molecules for efficacy against Covid or other pathogens, by simulating how they interact with viral proteins.

Also stored on its servers since 2020, were classified US Government models for the spread of COVID-1,  preventative measures and policy effectiveness, and national security data for supply chains and infrastructure.

Chinese Computers, Citizens, or Affiliates were Banned from DOE Network Access

China at that time was blaming the US for starting the pandemic, and the US was attributing Covid's start to a Chinese lab, or bird market. For many reasons, the last thing the US would have wanted was China inside its Covid servers. But DOE, we were told, relied on its academic university partners to screen their student users allowed into Argonne networks.

And at least one graduate student, a non-US citizen who had just flown in the week before from the UK and rented a Air BNB in the heart of Washington DC, without even obeying the required Covid-19 screening or quarantine laws, and without a US Social Security number or green card, had been hired by Howard University whilst still in London, and was given direct access - user name and sign-on password - the day after he landed at Reagan National airport in DC, by his Howard University employer. Not even a former US military officer could pass a CAC (controlled access card) security screen that quickly. And US citizenship would be required for any US military or secure government server. As it was required - by law - to access Argonne or any DOE network.

Howard University just did not enforce US national security law. And Howard is not alone: US government academic partnerships with universities attended by students from other nations, especially China and India (due to India's close military partnership with China and Russia), as well as some mideastern nations opposing Israel, has long been a contentious topic in national security circles. 

Cyber Vulnerability No 1: Non-Citizen, Uncleared access to US Dept of Energy Cleared National Security Networks

Deficits in Argonne Cyber Security Contractor SOWs and Directives:

Endpoints, Network Mapping, Cyber Hygiene Not Priotized. Only packets prioritized.

Existing Argonne cyber security contractors during the pandemic told DC Strategic they focused primarily on packet sniffing - monitoring packet traffic in and out of the ANL networks for signs of cyber intrusion or illicit activity. Their cyber contracts, they said, did not prioritize endpoint monitoring, or scrutiny of interface traffic from Argonne's academic partnerships, such as Howard University. They were not given lists of approved student researchers, or the students' citizenship or home IT network providers or allowable, vetted computing devices. But whilst packet sniffing is a valuable part of any well-rounded cyber protocol, it is not robust enough on its own to constitute a primary defense.

And packets are post-attack in nature: this approach waits until AFTER network access to analyze packet traffic in and out of the network. A national security network should have the most robust protection BEFORE network access. Sounds basic, but it is still not the primary focus for many US Federal agencies, taught for years to rely on packet analysis.

More importantly, the Howard University - Argonne partnership injected the entire DOE network - our fastest supercomputer, our most classified nuclear weapons labs, our best biotech - with a basic vulnerabilty of unscreened users accessing classified federal networks. Think about graduate student demographics at most universities in the US, especially in cities like NY, Boston, LA, or Washington DC. They are often foreign, and often Chinese. Harvard pro-Hamas demonstrations last year illustrated the extent of anti-US, antisemetic student body infiltration at that institution. Would DOE, or the US military it partners with, welcome a terrorist student accessing its classified networks?

Even if students were not hostile to the US Government, were they careful to respect national security and OPSEC rules for their home and cell phone networks? Did they use illegal drugs or were they alcoholic? In this instance, the foreign student accessing Argonne labs via Howard University's interface did use illegal drugs and did have a reputation of being often drunk or under other influence. Was seen urinating on the lawns next to the Air BnB. Was allegedly open to letting 'anyone' onto his Howard: DOE access point. Was allegedly having money issues and was too poor to afford his own laptop, and so 'borrowed' Chinese mainland-made laptops of his Air BnB host, to use for his Howard: Argonne work.

It was and still is illegal to access any US Government network, with Chinese-made computing equipment. His work was unquestionably illegal, as a non-US citizen using Chinese computers: he was uploading scripts onto the DOE network, executing them to scrape data from DOE Covid servers, and downloading the resulting data. Did he share the data with anyone outside of Howard? Or sell any of it? Why did his Air BnB hosts have over 30 Chinese mainland computing devices in their basement, where they ran Bit Coin and crypto operations?

And this nightmare of illegal access got even worse: as it appeared to move into a deliberate cyber intrusion scenario, linked to a mainland China Space & Satellite firm in Maryland. Carelessness is very dangerous and academic institutions not trained in, or mindful of US national cyber security protocol and hygiene, risk doing serious damage to all of us. Americans died, as in other nations, from Covid. Thr  last nation who needed access to classified US Covid data, was China.

If meaningful medical dialogue for treatment and cure was the intent - China would have approached the US openly through diplomatic channels. Opening a back door into Argonne Covid R&D and Chinese supply chain intelligence, was not indicative of peaceful sharing of Covid research. But it was in keeping with Chinese espionage practices for years.

Some of the mainland China Endpoint computing devices involved in the Argonne Lab: Howard security scenario

If any US contractor or federal government employee were to show up on a network scan with such devices, they would be fired or suspended, and quite possibly charged with espionage. US DOJ made several such arrests during the pandemic, including a US citizen contractor from Virginia, just across the river from Howard and Argonne's DC location. Chinese cyber and device intrusion is a  large problem in the DC metro area due to the high numbers of South American immigrants, and Chinese and Russian aid to that region, often winning the loyalty of those citizens, who then immigrate into the US, with their Chinese devices and loyalty.