Cyberattacks Threaten Coronavirus Research

Key Takeaways

  • A new report by Microsoft says that cyberattackers are targeting companies and researchers involved in research into COVID-19 therapies and vaccines.
  • Vaccine researchers often have weak defenses against cyberattacks, experts say. 
  • Hackers are likely motivated by both financial and political gain.

loops7 / Getty Images

Coronavirus vaccine researchers need to upgrade their security practices after a new report indicates that they are being attacked by state-sponsored hackers, experts say. 

Microsoft researchers say they have detected cyberattacks against seven prominent companies directly involved in researching vaccines and tests for Covid-19. While there’s been recent good news about the effectiveness of vaccines, observers say that attacks could hinder research or cause people to mistrust the vaccines. 

“Vaccine researchers have become attractive targets for cybercriminals because of their weak cybersecurity measures,” Nir Kshetri, a professor at the University of North Carolina-Greensboro who studies cybersecurity, said in an email interview.

“They are low hanging fruits from a cybercriminal’s viewpoint. It is also the case that departments in universities and individual researchers and professionals store some of the most sensitive research data without help from cybersecurity specialists within their universities or hospitals.” 

Most Attacks Blocked

Hackers have targeted leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States, said Tom Burt, Microsoft’s corporate vice president of customer security and trust, in a blog post.

The attacks came from a group from Russia, and two groups from North Korea, he said. “The majority of these attacks were blocked by security protections built into our products,” Burt added. “We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help.”

“Researchers should also be trained so that they will not fall prey to clever social engineering scams that hackers use to steal sensitive research data.”

Cyberattackers have been targeting the health care sector during the pandemic for months. Ransomware attacks have hit hospitals across the U.S. In Germany, earlier this year, a woman may have become the first person to die as a result of a ransomware attack on a hospital. In another recent case, a Finnish psychotherapy center was attacked by ransomware and criminals attempted to blackmail patients after gaining access to their therapy records. 

Hackers are likely motivated by both financial and political gain, experts say. The pharmaceutical industry has long faced the risk of corporate espionage. In 2019, data breaches and ransomware attacks cost the health care sector an estimated $4 billion

“The motivation is to steal the data to create their own vaccine or sell it to competitors,” Aleksandr Maklakov, the CIO of cyber security firm Clario, said in an email interview. “Also, hackers can block researchers’ work in order to demand ransom.”

Vaccines as a Political Tool

A potential COVID-19 vaccine could be a powerful political tool, making it a tempting target for state-backed hacking groups, observers say. “These nation-state or state-sponsored groups of hackers with almost unlimited resources target vaccine researchers in order to damage or replace research results, push back their competitors to win this race,” Maklakov said. “Or they could use the data to move along their own vaccine development.”

The potential for harm from these cyberattacks is great. The United States’ enemies could try to attack the databases housing critical COVID-vaccine trial-related information, altering results that could make a potent vaccine falsely appear ineffective, or inflating the effectiveness of a weaker vaccine candidate, Nicole Bucala, vice president of business development of the cybersecurity firm Illusive Networks, said in an email interview.  

da-kuk / Getty Images

The attackers could damage logistics information about how to distribute the eventual vaccines across the country. “Information on numbers of vials stored in certain locations could be altered to present an inflated number of vaccines in storage. Such a location will be surprised when it runs out of vials and will need to wait longer than normal to get a new supply,” she said. 

Cyber attackers could even try to disrupt databases that house COVID-19 test results, Bucala said. They could alter positives to negatives for people’s tests in order to falsify lower infection rates, making people lower their guard and aiding the spread of the disease.

To combat the attacks, researchers should use up-to-date and secure software, Kshetri said. “They should also take the help of the cybersecurity team to protect the data with the highest level of cybersecurity,” he added. “Researchers should also be trained so that they will not fall prey to clever social engineering scams that hackers use to steal sensitive research data.”

Even with a vaccine, the number of deaths worldwide could reach 2 million. With vaccine candidates so close to potential distribution, researchers need to stay on their guard against cyberattacks.

Leave a Reply

Your email address will not be published. Required fields are marked *



What’s Next for the Mac in 2021?

Key Takeaways Apple plans to switch all its Macs to Apple Silicon chips within two years. The current iMac is due for an update—its design dates back to 2008. This year’s Pro Macs may get a hot-rodded version of the M1 chip. Apple With new chips, a new iMac, and new laptops, 2021 might be […]

Read More

Will CES 2021 Be the Battleground for New Computer Chips?

Key Takeaways Apple’s successful introduction of its custom, in-house Apple Silicon will challenge the fragmented PC market. The battle between Intel and AMD is intensifying, with AMD Ryzen processors coming to many mainstream laptops. Consumers buying a Windows laptop in 2021 will have the most choice in over two decades. Jeremy Laukkonen / Lifewire Apple […]

Read More

Dell’s New Monitors Are Made for Remote Work

Key Takeaways Dell’s new monitors have a button just to launch Microsoft Teams. They also feature a built-in camera, speakers, and microphone, and blue-light reduction. In the future, office tech might be more home-office friendly. Dell Dell’s just to launch Microsoft Teams, along with built-in microphones and pop-up webcams. In short, they’re the perfect monitors […]

Read More