Chinese cyber actors are trying to steal Covid-19 vaccine research, FBI
Theft of such valuable data could threaten the delivery of secure treatment options, the agency believes
The US authorities have issued an alert to warn organisations of Chinese hackers trying to steal valuable research data relating to the treatment of Covid-19.
Earlier this month, the US Cybersecurity and Infrastructure Security Agency (CISA) and UK's National Cyber Security Centre (NCSC) released a similar alert warning of malicious actors using password spraying technique to target Covid-19 response organisations.
The agencies said that they were also seeing an increased use of coronavirus themes using spear-phishing emails and efforts to distribute malicious software via illegitimate apps claiming to offer information about coronavirus.
In the latest alert, the Federal Bureau of Investigation (FBI) and CISA state that cyber actors from China are targeting personnel and networks associated with coronavirus-related research to collect intellectual property and public health data on vaccines, treatments and testing of Covid-19.
Theft of such data could threaten the delivery of efficient and secure treatment options, the agencies said.
The alert advises all organisations conducting coronavirus-related research to step up their cyber security measures and to maintain dedicated insider threat practices to counter attempts to steal data.
IT security teams must prioritise timely patching of their systems for critical bugs, vulnerabilities. Software of all internet-connected servers also needs to be updated regularly, CISA advises.
Research institutions and pharmaceutical companies are currently trying to find a vaccine for the novel coronavirus strain, which experts says will the only way in the long term to save people's lives after lockdown restrictions are lifted across the world.
To date, more than 4.2 million people have been infected with the virus, which was first discovered in December last year.
US cyber security agencies have long accused China of funding hackers to steal intellectual property and other sensitive information from US networks. But China is not the only country that has been accused of attempting to collect intelligence on other countries' Covid-19 treatment efforts.
Last month, a report from Reuters claimed that hackers suspected to have ties with Iranian government tried to break into personal email accounts of the World Health Organisation (WHO) employees in hopes of gathering information about the Covid-19 outbreak.
The report claimed that the attacks had continued since 2nd March, although it was not clear if hackers had been able to compromise any sensitive accounts.
Iran-backed hackers were also accused in another Reuters report earlier this week of targeting American pharmaceutical company Gilead, whose antiviral drug Remdesivir has been found to help patients suffering from coronavirus.
More on Threats and Risks
Trading Standards warns of NHS contact-tracing phishing scam
Message telling people that they may be infected links to a malicious website which asks for personal details
US cyber security agencies shares list of routinely exploited vulnerabilities since 2016
Hackers are most frequently exploiting bugs in Microsoft's OLE technology
Vulnerabilities impacting Oracle iPlanet Web Server could result in data leakage, phishing
Vendors says it will not release a security patch as affected product has already reached end-of-life
Lazarus hacking group hiding a new variant of Dacls RAT in security app to target macOS users
The app is mostly used by Chinese speakers, as per researchers
Threat groups are looking to steal Covid-19 research, NCSC and CISA warn
The organisations being targeted include healthcare bodies, medical research institutions, pharmaceutical firms and others
Most read
