COVID-19, Vaccine-Makers, and Cyber Threat Actors
Over the past few months, seven Covid-19 vaccine development firms have been targeted by three advanced persistent threat (APT) actors, Microsoft reported.
Adding to a long array of incidents, vaccine researchers internationally were targeted in a series of state-backed cyberattacks in an attempt to steal sensitive information, according to Microsoft.
Seven leading pharma companies involved in Covid-19 research and vaccine development with bases in France, India, South Korea, Canada and the United States have experienced phishing and brute-force attacks.
Microsoft has traced the origins of the attacks back to cyber threat actors in Russia and North Korea.
“In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for Covid-19,” said Microsoft Corporate Vice President Tom Burt in a press release.
“The attacks came from Strontium, an actor originating from Russia, and two actors originating from North Korea that we call Zinc and Cerium.”
The infamous North Korean Lazarus Group (dubbed ‘Zinc’ by Microsoft) has been hitting employee mailboxes with fabricated job descriptions, impersonating recruiters (a practice known as spear-phishing) to steal credentials, while Russia-based cyber espionage group ‘Fancy Bear’ utilized brute-force and password spray mechanisms in an attempt to break into accounts.
“The majority of these attacks were blocked by security protections built into our products. We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help,” said the Microsoft CVP.
Multiple threat actors have leveraged the state of distress caused by the pandemic to destabilize healthcare IT infrastructure through sporadic cyberattacks.
State-affiliated actors are highly motivated, highly capable and often committed to objectives such as securing political, military or commercial advantage for their countries of origin.
“A vaccine for COVID is a strategically valuable asset: Whoever gets a vaccine first has an economic advantage and it is worth billions of dollars to a country and its economy,” Sam Curry, Cybereason CSO, told the cybersecurity publication Threatpost.
“It is the ultimate IP with immediate value. Having a six-month lead on ‘re-opening’ the world could have a lasting balance of power impact. It’s like having an oil rush, a data advantage or territorial gain in older real political terms.”
Several organizations have taken cognisance of the unsettling trend of cyber attacks and called for world governments to safeguard healthcare organisations through cyber due diligence.
The Oxford Institute for Ethics, Law and Armed Conflict concluded that ‘any interference with the provision of health-care, including by cyber means, risks further loss of life as thousands continue to die every day’ and noted that medical facilities are protected by international law.
The internet is global and thus, provisions for safeguarding healthcare infrastructure from attacks must also have global consonance. TAG Cyber CEO Edward Amoroso writes in Cyber Attacks: Protecting National Infrastructure:
“[A]ny program of national infrastructure protection must include provisions for international cooperation, and such cooperation implies agreements between participants that will be followed as long as everyone perceives benefit.”
The UX Connections View
Cybersecurity is very important for all businesses and healthcare providers in the modern workplace. At UX Connections, we specialise in designing cybersecurity dashboards for software platforms used by businesses to protect and monitor their data. If you need front-end cybersecurity help, please do get in touch with us.
Earlier this summer, Microsoft had announced the development of AccountGuard, a security service that notifies the account user in the event of a threat or a compromise by a known nation-state actor. Microsoft has since enrolled 195 organisations, protecting 1.7 million healthcare email accounts.
However many firewalls, security and notification systems it might cost to deter cybercrime actors, the dues must be paid, either to consolidate security or to pay ransom.
Besides, the healthcare industry has other viruses to worry about.