Countries throughout the world are working to find a vaccine for the COVID-19 virus. As researchers get closer to a permanent solution to the public health crisis, hackers are acting throughout the world in an attempt to be the first to obtain information on the vaccine. Cybercrime groups in both Russia and China have allegedly been hacking the U.S., U.K., and Canada in an effort to steal vital data relating to the pandemic.
APT29 Cyber Espionage Group Strikes
An advisory was recently issued by the U.S. National Security Agency and Cybersecurity and Infrastructure Security Agency, the U.K.’s National Cyber Security Center and Canada’s Communications Security Establishment. It stated the Russian hacking group known as APT29, “cozy bear” or “dukes,” has targeted research organizations within each of the countries who are involved in creating a COVID-19 vaccine.
The attackers found vulnerabilities in public networks that allowed them to scan and exploit other vulnerable systems to gain authentication credentials and go deeper into the sites. While in the past, these exploits didn’t lead to any quality data related to larger organizations, their attempts were not in vain. In recent attacks, the group has used vulnerability scanning against specific IP addresses of the organizations they target and have kept the credentials they found earlier from exploited sites.
After gaining access to a system, it is believed that they would seek more legitimate credentials to maintain consistent access and have used spear-phishing as a way to access login pages for targeted groups. Experts say that the hackers are striking because Russia does not have the resources in its country to develop a vaccine.
Chinese Hackers Charged with Intellectual Property Theft
The U.S. Justice Department has pressed charges against two alleged hackers from China for starting a hacking campaign that has targeted companies, non-governmental organizations, and Chinese dissidents. The goal of the hacking was to steal intellectual property, most recently COVID-19 vaccines and research data.
While it has not been determined whether or not the attackers actually stole any COVID19 research data, in the past, the hackers had allegedly stolen material on military satellite programs, wireless networks, and laser systems among other areas. Some of the tactics that are believed to have been used include:
Securing Research Data in a Pandemic and Beyond
Cyberattacks are unfortunately not a new occurrence and companies of all sizes need to enact the proper security protocols to defend against hacking. One of the easiest things to do is to protect devices and networks by updating them regularly and ensuring antivirus software is used to detect any potential threats.
Staff need to be educated on cybersecurity protocols and understand the difference between a phishing email and a legitimate message. Training employees will prevent any mistakes when using internal systems. Having a security monitoring system to detect any suspicious activity or vulnerabilities in an entity’s network is another move in the right direction.
One of the best things a company can do is have secure physical storage for all sensitive information, whether it be employee data or COVID-19 research. The SecureDrive BT is a hardware-encrypted storage device with FIPS 140-2 Level 3 Validation for the highest security. The devices are HIPAA compliant and have a tough epoxy coating to prevent any reverse engineering.
The BT drives offer 2FA and remote wipe in the event the device becomes lost or stolen. It is even remote management ready with geo- and time-fencing features to restrict drive access to predetermined times and places. To learn more about how these drives can protect your most critical and sensitive information, call 1-800-875-3230.