Luis Alvarez Discusses Why Hackers Are On The Hunt For The COVID-19 Cure
Reporting for CBS in May 2020, Charlie D’Agata affirmed that “intelligence sources had told CBS News that Chinese state-backed cyber attackers had been mobilized and laser focussed with one target in mind — the Coronavirus vaccine.” Two months down the line, the U.S., U.K., and Canada are pointing an accusing finger at the Russian Intelligence Services for recruiting hackers to target institutions developing COVID-19 vaccines.
How Critical Is the Situation at the Moment?
In a joint statement, governments of the three western nations have said that Kremlin Thursday has been orchestrating cyberattacks targeting research and academic institutions dealing with the Coronavirus, since February this year.
Officials from the three nations did not mince their words, they particularly identified the infamous hacking group, APT29, as being the mastermind of the hacks.
In that statement, Anne Neuberger, the U.S. NSA’s cybersecurity director, said, “APT29 has a long history of targeting governmental, diplomatic, think tanks, health care, and energy organizations for intelligence gain”. She proceeded to “encourage everyone to take this threat seriously and apply the mitigations issued in the advisory.”
This is not the first time APT29 (also called Cozy Bear) is on the headlines for cyberattacks in the U.S. Back in 2016, Cozy Bear, alongside another hacking group called Fancy Bear, was reported to have hacked the U.S. Democratic Party’s systems, just weeks to the presidential elections. In fact, many people read Kremlin’s hand in trying to interfere with the election results.
The recent attacks do pose not only the risk of stolen intellectual property but also the danger of Russia possibly deliberately corrupting the research files. If this were to happen, millions of people globally would be affected by the resulting vaccine. Addressing these concerns, Dominic Raab — the Foreign Secretary for Britain — said, “it is entirely unacceptable that the Russian Intelligence Services are targeting those working to combat the Coronavirus pandemic.
There are still a lot of gray areas, however, as to the extent of crucial information that was stolen, or even if Russia managed to steal any data at all.
The Coronavirus Pandemic and Its Risk to Cybersecurity
In a race to find a cure, it’s not just the good guys giving chase. Anything to do with COVID19-related related research — vaccines, test equipment and reagents, university labs, medical facilities, government agencies, and even pharmaceutical companies — are a potential target for malware perpetrators.
How Has Coronavirus Made You More Vulnerable to Cyberattacks?
With thousands of people now working from home using laptops with vulnerable software, the playground for hacks is much bigger; it’s more like a ‘hackers paradise.’
Anytime there is a global event, hackers tend to use it as a conduit to launch attacks. Whether it’s the Olympics, elections, or a global pandemic like the novel Coronavirus, they will try to leverage whatever the situation is against users. The idea behind these schemes is that in times of crisis, fear, and uncertainty cause people to let their guards down.
According to Atlas Magazine, there has been a 25% surge in ransomware attacks in the United States since the beginning of Coronavirus.
The bad news is that everybody is at risk, from the user of a single P.C. to multi-billion companies having sophisticated cloud systems.
How Can You Protect Your Organization From Hackers?
Before even safeguarding company systems, you should ensure that your workers’ devices are safe. Cyber Attackers are notorious for indirectly using employees’ gadgets as backdoors to company networks. To protect your employees’ devices:
- Ensure that they use multilevel authentication protocols where possible.
- They should not use the same password everywhere unless it is SSO-enabled.
- Have control of the information they post online concerning the company. Where applicable, personal accounts should not be used to post organizational details and vice versa.
If there is a lesson that you can draw from the recent cyberattacks on Coronavirus vaccine research centers, then it is the need to optimize your investments in cybersecurity.
The first line of defense is knowledge. Do you know the risks that you are facing?
- Corporate Email Compromise: This involves hackers gaining unauthorized access to a trusted vendor or employee email accounts to assume their identities. They can then make fraudulent payment requests or changes in your bank account information.
- Phishing and Smishing: The use of deceptive email, telephone, or text messages that appear to be from valid sources to trick you or your users into providing essential personal information.
- Malware: Malicious software introduced by clicking an infected link, attachment, or image embedded in an email or website. This allows fraudsters to access private data or take control of your computer.
- Social Engineering: Here, attackers use social network sites to manipulate you into sharing personal information and contacts.
Cybercriminals are continuously plotting new ways to steal data or money, and Coronavirus has provided the best opportunity to front their trade. With the emerging trend of state-sponsored cyberattack groups, the threat is even more significant.
The latest Russian attacks on Western research centers have left many wondering what their motive could be. Some have argued that Russia is safeguarding her citizens’ interests; the earlier they get the vaccine, the sooner they recover from the current economic scare ahead of the rest of the world. Others say it’s a way of trying to regain their global bargaining power and seeking to lift the sanctions that they currently face.
However, much you invest in staffing your in-house I.T. unit; you will always feel inadequate. For companies, the best solution has always been one, partnering with a reputable I.T. service provider. If state agencies are struggling to contain hacks, how would you trust a handful of experts in your I.T. department to safeguard your networks?
Let Alvarez Technology Group Help You Manage the Risk
For how long are you going to hold your breath waiting for the next cyberattack, until it happens? Leverage our over 19+ experience in offering expert I.T. solutions in SALINAS, Monterey County, Santa Cruz County & San Benito County to keep your systems safe from hackers.
Click here to find out how we can help or call us at (831) 753-7677.
