Coronavirus scientists targetted by Russian hackers


By MYBRANDBOOK


Coronavirus scientists targetted by Russian hackers

Russian hackers backed by the state are targeting pharmaceutical companies, healthcare, academic research centres and other organisations involved in coronavirus vaccine development, security agencies in the UK, USA and Canada have jointly warned.

 

The UK's National Cyber Security with support from the US National Security Agency and the Canadian security services put out the advisory stating cyberattacks from hacking group APT29 – also known as Cozy Bear – are attempting to steal information on coronavirus research.

 

Organisations in the UK, USA and Canada are thought to have been targeted by attacks, which the NCSC has high confidence have originated from a group working on behalf of the Russian government.

 

APT29 has links to the Russian intelligence services and has been identified as the culprit of a number of high profile international cyber attacks and spear-phishing campaigns, including attempted election interference in the United States.

 

There's currently no evidence to suggest that the hacking campaigns have been successful, but the NCSC says the attacks are still ongoing.

 

APT29 has been attempting to deploy custom families of malware – WellMess and WellMail, which both can issue commands on infected machines – against organisations involved in vaccine development. The two forms of malware haven't previously been publicly associated with APT29.

 

The group is also known to scan for vulnerabilities in networks – such as in Citrix, Pulse Secure and Fortigate products - which it can combine with known exploits in an effort to infiltrate systems and gain persistence to commit espionage and other malicious cyber activity. The NCSC has described APT29 as "very adept" at exploiting vulnerabilities before patches can be applied.

 

In order to protect against attacks, the NCSC recommends that organisations secure devices and networks with the latest security patches so attackers can't exploit known vulnerabilities. It's also recommended that organisations use multi-factor authentication, so in the event of hackers breaching passwords, there's an additional barrier to prevent them moving around the network.

 

It's also recommended that staff know how to spot phishing emails and that they're confident enough to report them – even if they feel they might have accidentally clicked on a link or handed over login credentials.

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org