State-backed cyber attacks on US organizations fighting Covid-19 are on the rise, warns DHS
Hackers linked to foreign states are increasingly attacking coronavirus research facilities, including pharmaceutical companies and research labs, warn officials from the US and UK.
The warning comes from the United States Department of Homeland Security (DHS) and their UK counterparts.
The hackers have a clear motive: steal sensitive research data to further their interests or to help their countries. "In today's world, there is nothing more valuable or worth stealing than any kind of biomedical research that is going to help with a coronavirus vaccine," senior US intelligence official Bill Evanina told BBC News.
Apart from large organizations, cybercriminals are also targeting individuals, small and medium businesses with Covid-19 related scams and phishing emails, UK's National Cyber Security Center said.
The agencies have not revealed the names of the countries involved, but China, Russia, and Iran could be involved in these attacks, sources told BBC.
These attempts have not resulted in data thefts yet. But the groups expect more of such attacks on research facilities in the coming months.
At Tuesday's daily briefing, UK's Foreign Secretary Dominic Raab said, "As well as providing practical advice, the UK will continue to counter those who conduct cyber-attacks. The UK and its partners will jointly respond to the threats and also stop the state-sponsored gangs, he added.
The agencies are advising various research groups on how to safeguard their accounts and passwords. “CISA has prioritized our cybersecurity services to healthcare and private organizations that provide medical support services and supplies in a concerted effort to prevent incidents and enable them to focus on their response to COVID-19," the agency said in a statement.
Attacks are on the rise
Late last month, Google said it had witnessed a spike in state-sponsored hacker attacks. Over 12 of such hacking groups are attempting attacks to steal research information.
"Hackers frequently look at crises as an opportunity, and Covid-19 is no different," TAG director Shane Huntley wrote in a blog post about the findings.
He added that hackers are using Covid-related themes across Google products to create a state of urgency, luring people into falling into their traps. They are trying to get their targets to click malicious links and download files.
Such activities have been on the rise since January 2020. In March, groups tried to hack into the World Health Organization (WHO). Though they did not succeed, the agency said there has been more than a two-fold increase in cyberattacks.
The WHO issued an alert warning people to steer clear of hackers posing as the agency to steal money and sensitive information from the public. “There has been a big increase in the targeting of the WHO and other cybersecurity incidents. There are no hard numbers, but such compromise attempts against us and the use of [WHO] impersonations to target others have more than doubled.” the Chief Information Security Officer of the agency, Flavio Aggio told Reuters.
“At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organization of an affected country,” Costin Raiu, head of global research and analysis at Kaspersky, told Reuters.