As Digital Journal reported, hackers based in the Russian Federation have been targeting vaccine research centers. The hacking group, known as Crazy Bear, is believed to be affiliated with Russian intelligence.
The same threat group is well-known for its sophisticated attack on the U.S. Democratic National Committee in 2016 and the hackers often employs advanced spear-phishing and custom malware campaigns (as reported in the New York Times). The Russian government has refuted the accusations.
Looking into the issue for Digital Journal is James Carder, who is the Chief Security Officer & Vice President at LogRhythm.
Carder says that the attack means that new measures are required and that “Securing COVID-19 research centers has become crucial as they are a target for nation-state threat actors seeking to benefit from the pandemic.”
He also sees this as part of a wider campaign by ‘rogue states’, noting: “For years, China and Russia have stolen research and other types of valuable data to further their own advancements, and it is clear that cybercriminals adapt and change to what is most important to their government. In this case, being the first country to develop a vaccine would result in not only the protection of their people but also a political and economic advantage.”
In terms of wat needs to be done in terms of boosting cybersecurity, Carder says: “Organizations must make certain that they have the proper policies and strategies in place to identify and respond to the increase in cyberthreats that we have seen throughout the pandemic. It’s become a cliché, but nonetheless true for that people, process and technology are needed in order to protect against determined attackers.”
Taking a scenario, Carder explains: ” A busy researcher focused on COVID-19 research is unlikely to have cybersecurity at top of mind. Basic education on handling email and training on red flags to look out for, such as an email having unnecessarily urgent language or a news that’s a bit too good to be true, can help users who are perhaps not fully attentive to phishing emails. Implementing an automatic phishing intelligence software to detect and report phishing attacks can also empower companies to better deflect these targeted attacks.”