Covid-19 likely to have widespread effects on security priorities, as companies shift to remote working and hackers focus on sensitive biotech data
Hacking groups are likely to continue targeting biotech companies after the end of the Covid-19 pandemic, security researchers have said.
The projections from security group FireEye/Mandiant come as the company releases a study into likely security trends for the coming year.
Mandiant’s researchers also see remote working and ransomware as significant trends for 2021.
The company’s comments follow Microsoft’s warning that it has detected nation state-backed attacks targeting pharmaceuticals companies and researchers involved in developing a coronavirus vaccine.
Cyber-security agencies in the UK and elsewhere warned such attacks were occurring earlier this year.
Mandiant said it believes other hacking groups are targeting the same organisations in a less visible way.
“I would guess that there is a lot of it going on that we’re not seeing from threat actors who generally keep a very low profile,” said Mandiant senior director of analysis John Hultquist.
He said the vaccine-related attacks are coming from “a lot of different actors”, including those not usually associated with intellectual property theft.
Hultquist said hackers’ increased focus on biotech firms is likely to continue even after the pandemic eventually ends.
Aside from seeking to gain an edge in vaccine research, nation states are also likely to be focusing on more traditional espionage hacking following elections in the US and elsewhere over the next few months.
Mandiant said newly installed leaders should expect a flood of targeted phishing emails as other countries look for advance warning on planned policy changes.
Meanwhile, the abrupt and widespread shift to remote working accompanying the pandemic is likely to make an impact on security budgets in the coming year as companies look to secure the perimeter, Mandiant said.
“I definitely think that we’ll see a continued increase in perimeter security, mostly due to remote workers,” said General Earl Matthews, vice president of strategy at Mandiant Security Validation.
Matthews said security administrators are also increasingly focusing on next-generation identity and access controls as a priority, in order to protect staff with higher-level security privileges.
Mandiant also sees ransomware evolving into an ever-more-dangerous threat as hacking groups conduct in-depth reconaissance of targets’ networks and lock up their most sensitive data.
Sandra Joyce, a Mandiant executive vice president, said she now sees ransomware as a national security issue due to the increasingly devastating nature of attacks.
She said the way ransomware groups such as DoppelPaymer have begun stealing data and releasing it if a ransom is not paid show how such gangs are taking an increasingly heavy toll.
Joyce said organisations should revisit their disaster recovery schemes, ensuring networks are segmented and data is securely backed up.
“What we advise organisations to do is really take a look at how prepared they are,” Joyce said.