Experts On Russian Hackers Target Covid-19 Vaccine Research

Following the news that Russian state-sponsored hackers (a group known as “APT29” or “Cozy Bear”) targeted Covid-19 vaccine research, cybersecurity experts offer their comments below.

Stuart Reed, UK Director, Orange Cyberdefense
July 17, 2020
In our security operations centres we are keen to progress our people through the ranks
Throughout the pandemic we have continued to see strong demand for our services from businesses, who themselves have been responding to the growing threat from adversaries hoping to capitalise on the crisis. As a result we continue to grow in the UK and have conducted many remote interviews in recent months, with most new employees starting their roles at home rather than in the office. Indeed, lo ....
John Hultquist, Director of Intelligence Analysis, FireEye
July 17, 2020
The organizations developing vaccines and treatments for the virus are being heavily targeted by Russian, Iranian, and Chinese actors.
COVID-19 is an existential threat to every government in the world, so it’s no surprise that cyber espionage capabilities are being used to gather intelligence on a cure. The organizations developing vaccines and treatments for the virus are being heavily targeted by Russian, Iranian, and Chinese actors seeking a leg up on their own research. We’ve also seen significant COVID-related targeting ....
Bill Conner, CEO, SonicWall
July 17, 2020
Never has this last aim been more apparent than now, at a time when Russia is vying for dominance.
Cybercriminals perpetrate their attacks for one or more of four core motives: financial gain, political interference, creating general havoc and stealing intellectual property. Never has this last aim been more apparent than now, at a time when Russia is vying for dominance. The coronavirus vaccine, urgently coveted by all countries, can grant a significant advantage. The Russian intelligence gro ....
Paul Bischoff, Privacy Advocate, Comparitech
July 17, 2020
Surely a vaccine would have the greatest impact if shared with the whole world including Russia, whether they are friendly or not.
It's unfortunate that creating a vaccine has become a geopolitical competition rather than an opportunity for global cooperation. Surely a vaccine would have the greatest impact if shared with the whole world including Russia, whether they are friendly or not. So I'm not sure what incentive there is for Russia to steal research, unless it's worried about the UK capitalizing on a vaccine and price ....
Ed Macnair, CEO, Censornet
July 17, 2020
Organisations need to use email security that combines algorithmic analysis, threat intelligence and executive name checking.
In the midst of the darkest parts of this crisis, cyber crime hasn’t abated. Today’s announcement from the NCSC that Russian hacking groups have been targeting COVID-19 vaccine developers is not shocking but it is concerning. While the objective of this data breach is different to most financially-motivated attacks we see, the tactics the hackers are using are exactly the same. Once again, sp ....
Chris Hauk, Consumer Privacy Champion, Pixel Privacy
July 17, 2020
Coronavirus vaccine research has created an enticing new target for hackers of all types.
Coronavirus vaccine research has created an enticing new target for hackers of all types. The use of social engineering (spear phishing) as well as malware have proven over and over as the "go to" methods for hackers to infiltrate networks to steal data. The attacks underscore the need for research groups to educate their users about the risks presented by hackers and how to foil such attacks. It ....
Robert Hannigan, Chairman, BlueVoyant
July 17, 2020
The details in the NCSC’s advisory are an important tool for cybersecurity teams to detect this activity.
It is not a surprise to see Russian state agencies trying to steal valuable COVID-19 research. The methodology of APT29 is familiar and exploits known vulnerabilities, for example in remote services and VPNs, usually to steal credentials. The details in the NCSC’s advisory are an important tool for cybersecurity teams to detect this activity. ....
Calvin Gan, Manager, F-Secure
July 17, 2020
These systems may not be directly contributing to the research but could be used as a steppingstone to attain the final target.
The healthcare sector along with the WHO has been a target throughout the pandemic. The FBI also released an alert in May warning the healthcare sector to take additional precautions to secure their systems and research. APT29 has been here for a number of years and, while they have been laying low, it did not mean that they were not updating their arsenal. There has been new malware attributed to ....
Matt Lock, Technical Director, Varonis
July 17, 2020
Hackers are like sharks in the water – and critical data is like blood.
The method of attack is absolutely in line with the kill chain – spearphishing to drop a payload, malware used to run reconnaissance to find sensitive data, and then finally exfiltration by SSH, email, Web or DNS. They’re hoping to fly under the radar and avoid detection. We’ve known these research centres have been targets for some months now. I hope the researchers stopped any data loss a ....
Charity Wright, Cyber Threat Intelligence Advisor, IntSights
July 17, 2020
We are in a world war with the coronavirus and cyber warfare is expected because everyone is in a race to find a vaccine.
The news on Russia hacking into certain projects to steal Coronavirus vaccines does not come as a surprise to me. We are in a world war with the coronavirus and cyber warfare is expected because everyone is in a race to find a vaccine. In the process, multiple vaccines are being/will be developed and certain nations have a tendency to spy and steal information in order to get ahead, and in this ca ....
Tom Kellermann, Head of Cybersecurity Strategy, VMware Carbon Black
July 17, 2020
VMware’s own research shows that, during COVID-19, overall cyberattacks and ransomware-specific attacks have both increased by triple digits.
APT29 has historically been linked to Russia, which has set a clear precedent of launching cyberattack campaigns against the West. Russia’s alleged interference in the 2016 U.S. Election is, of course, the prime example of a coordinated attack campaign against the U.S.’s critical infrastructure. In this latest, alleged campaign, Russia appears to be following a playbook all too common for cybe ....
