Pharmaceutical companies researching treatments and vaccines for COVID-19 are being actively targeted by prominent nation state-backed hackers from Russia and North Korea, according to IT Pro. Groups including Strontium, Zinc and Cerium are launching “unconscionable” cyber-attacks against companies running trials for COVID-19 vaccines, one clinical research organisation and a company that’s developed a virus test – targeting a total of seven companies involved in researching vaccines and treatments. Strontium, allegedly linked with the Russian state, is using password spray and brute force attacks to steal login credentials, hoping to break into user accounts using millions of quickfire attempts. Zinc, meanwhile, uses spear-phishing lures for credential theft, posing as recruiters to send fabricated job descriptions to potential candidates. Cerium also engages in spear-phishing email lures themed around coronavirus, masquerading as World Health Organisation (WHO) representatives. Both are allegedly tied with North Korea.

Jake Moore

November 17, 2020

Cybersecurity Specialist

ESET

+ Follow - UnFollow

Social engineering and highly-targeted phishing campaigns are still relatively successful.

COVID-19 research centers are inevitably going to be targeted by criminal groups from around the world over the next 12 months, and we clearly need to maximise the security of these facilities in order to protect the intellectual property and medical research. The impact of a breach of this data could not only be catastrophic, but also has the potential to delay the most important vaccine in generations. Such attacks can occur in a variety of ways, but so many have a success rate when hacking.....Read More

COVID-19 research centers are inevitably going to be targeted by criminal groups from around the world over the next 12 months, and we clearly need to maximise the security of these facilities in order to protect the intellectual property and medical research. The impact of a breach of this data could not only be catastrophic, but also has the potential to delay the most important vaccine in generations. Such attacks can occur in a variety of ways, but so many have a success rate when hacking the human. Social engineering and highly-targeted phishing campaigns are still relatively successful and staff need to have measures in place to resist any misfortunate clicking or downloading. Restricted privileges and vigilance training are still key actions required to withstand such inevitable attacks.  Read Less

Like(0)  (0)

×

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Social engineering and highly-targeted phishing campaigns are still relatively successful...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/hackers-pose-as-who-officials-to-attack-covid-19-vaccines

Copy this message and share on your Linkedin profile. Thanks! COPY

×

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Social engineering and highly-targeted phishing campaigns are still relatively successful...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/hackers-pose-as-who-officials-to-attack-covid-19-vaccines

Copy this message and share on your Facebook profile. Thanks! COPY

No Comments Yet ....

Please login to comment.

Dot Your Expert Comments

Only for registered and approved experts. Please register before providing comments. Register here

Your Comments Headline (max 150 Char)

Your Comments:

Your Email:

* By using this form you agree with the storage and handling of your data by this web site.

Submit

Thank you, your comments have been submitted for review.

×

Upload Content

Youtube Link  

Image  

---

Youtube Link (Ex: https://www.youtube.com/watch?v=eUxUUarTRW4 )

Add

Uploading the content. Please wait....

Submit

×