Coronavirus: Hackers Targeting Covid-19 Research Organisations

Image credit: World Health Organisation

US and UK cyber officials warn of ‘malicious cyber campaigns targeting organisations involved in the Coronavirus response’

Western healthcare and medical organisations conducting research into the novel Coronavirus are being warned they are in the cross hairs of hackers.

The warning came in a joint advisory published by both UK and US cyber officials, namely the UK’s National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA).

Last month both the NCSC (a part of GCHQ) and the US CISA warned that state-backed hackers and online criminals are exploiting the Coronavirus pandemic.

Novel coronavirus. Image credit: CDCC

UK vaccine

They said back then that an increasing number of malicious cyber actors were exploiting the current Covid-19 pandemic for their own objectives.

The NCSC said it had detected more UK government branded scams relating to Covid-19 than any other subject.

But now both US and UK bodies are warning those who are carrying out research into Coronavirus and Covid-19 to also bolster their cyber defences.

The UK is widely regarded as having the best chance of producing a viable working vaccine for Covid-19, thanks to the efforts of researchers and scientists at both the Jenner Institute in Oxford (which started its promising trial last month) and another team at Imperial College London.

This research being produced by UK scientists is hugely important and potentially valuable. This has prompted the warning from UK and US authorities.

“Security agencies in the United Kingdom and United States have exposed malicious cyber campaigns targeting organisations involved in the coronavirus response – and given tips to stay safe,” said both nations.

An advisory for international healthcare and medical research organisations has been published, advising staff to change any passwords that could be reasonably guessed to one created with three random words and implement two-factor authentication to reduce the threat of compromises.

This is because the UK’s NCSC and US CISA have seen large-scale ‘password spraying’ campaigns against healthcare bodies and medical research organisations.

They warned that ‘advanced persistent threat’ (APT) groups are targeting such bodies in an effort to collect bulk personal information, intellectual property and intelligence that aligns with national priorities.

“Protecting the healthcare sector is the NCSC’s first and foremost priority at this time, and we’re working closely with the NHS to keep their systems safe,” said Paul Chichester, NCSC Director of Operations.

“By prioritising any requests for support from health organisations and remaining in close contact with industries involved in the coronavirus response, we can inform them of any malicious activity and take the necessary steps to help them defend against it,” said Chichester.

“But we can’t do this alone, and we recommend healthcare policy makers and researchers take our actionable steps to defend themselves from password spraying campaigns,” he concluded.

Safety campaigns

This stance was echoed by US officials.

“CISA has prioritised our cybersecurity services to healthcare and private organisations that provide medical support services and supplies in a concerted effort to prevent incidents and enable them to focus on their response to Covid-19,” said Bryan Ware, CISA assistant director of Cybersecurity.

Last month the NCSC urged the general public to report Coronavirus-related email scams, and launched a ‘cyber aware’ campaign promoting behaviours to mitigate threats.

The cyber protector also launched an email reporting service, which the public can use to flag any suspicious activity.

The public is being advised to forward suspicious emails to report@phishing.gov.uk.

In its first week, the service received more than 25,000 reports – resulting in 395 phishing sites being taken down.
