U.S. COVID-19 research facilities have been targeted by nation-state hackers, FBI says GETTY While the Federal Bureau of Investigations ...
 |
| U.S. COVID-19 research facilities have been targeted by nation-state hackers, FBI says GETTY |
FBI confirms “reconnaissance activity and some intrusions” into COVID-19 research centers
The FBI has been urging everyone from kids at home from school to the public at large to be vigilant during the ongoing COVID-19 pandemic. This is in light of hackers and scammers looking to exploit our fear, uncertainty, and doubt regarding the current health crisis and the FBI has warned of a significant spike in such scams. Now it would appear that the threat stakes have been raised.
According to a Reuters report, FBI deputy assistant director, Tonya Ugoretz, has confirmed the Bureau has "seen reconnaissance activity, and some intrusions," into companies and institutions actively researching COVD-19 treatments. Speaking during an online discussion on April 16, hosted by international think tank the Aspen Institute, Ugoretz warned that organizations that have announced their research efforts publicly "make them a mark for other nation-states that are interested in gleaning details about what exactly they’re doing and maybe even stealing proprietary information that those institutions have."
Taking state-sponsored hacking to a new low
Cyber-criminals, such as the Maze ransomware group, have already made a play for medical facilities associated with COVID-19 vaccine research, such as an attack against Hammersmith Medicines Research in London on March 14. And only this week I reported how security researchers were cautioning hospitals on the frontline of the pandemic fight regarding a new "double extortion" threat from ransomware attackers.
Countries behind the attacks have not been identified publicly
On April 16, coincidentally, the U.S. Departments of State, the Treasury, Homeland Security, and the FBI had published an advisory regarding cyber-threats originating from the Democratic People’s Republic of Korea (DPRK) and announced a $5 million (£4 million) reward for information leading to the identification of the state-sponsored hackers involved.
Speaking at the time, Mark Sangster, vice-president and industry security strategist at eSentire Inc, suggested that the timing of the advisory suggested it could be "in response to something that the intelligence community has identified but cannot release in detail without exposing sources." The FBI deputy assistant director did not identify the facilities that had been hacked, nor specify which countries were thought to be behind the ongoing attacks.
Taking state-sponsored hacking to a new low
Cyber-criminals, such as the Maze ransomware group, have already made a play for medical facilities associated with COVID-19 vaccine research, such as an attack against Hammersmith Medicines Research in London on March 14. And only this week I reported how security researchers were cautioning hospitals on the frontline of the pandemic fight regarding a new "double extortion" threat from ransomware attackers.
But the kind of threat that the FBI is talking about is at a different level altogether. State-sponsored hackers, which are usually referred to as advanced persistent threat (APT) actors, are known for both their sophisticated attack methodologies and a penchant for cyber-espionage. As the pandemic unfolded across the United States, we have already seen such elite hackers targeting the World Health Organization although without success. Now, as Ugoretz has confirmed, that appears to have changed.
Countries behind the attacks have not been identified publicly
On April 16, coincidentally, the U.S. Departments of State, the Treasury, Homeland Security, and the FBI had published an advisory regarding cyber-threats originating from the Democratic People’s Republic of Korea (DPRK) and announced a $5 million (£4 million) reward for information leading to the identification of the state-sponsored hackers involved.
Speaking at the time, Mark Sangster, vice-president and industry security strategist at eSentire Inc, suggested that the timing of the advisory suggested it could be "in response to something that the intelligence community has identified but cannot release in detail without exposing sources." The FBI deputy assistant director did not identify the facilities that had been hacked, nor specify which countries were thought to be behind the ongoing attacks.