- A new report by Microsoft says that cyberattackers are targeting companies and researchers involved in research into COVID-19 therapies and vaccines.
- Vaccine researchers often have weak defenses against cyberattacks, experts say.
- Hackers are likely motivated by both financial and political gain.
loops7 / Getty Images
Coronavirus vaccine researchers need to upgrade their security practices after a new report indicates that they are being attacked by state-sponsored hackers, experts say.
Microsoft researchers say they have detected cyberattacks against seven prominent companies directly involved in researching vaccines and tests for Covid-19. While there’s been recent good news about the effectiveness of vaccines, observers say that attacks could hinder research or cause people to mistrust the vaccines.
“Vaccine researchers have become attractive targets for cybercriminals because of their weak cybersecurity measures,” Nir Kshetri, a professor at the University of North Carolina-Greensboro who studies cybersecurity, said in an email interview.
“They are low hanging fruits from a cybercriminal’s viewpoint. It is also the case that departments in universities and individual researchers and professionals store some of the most sensitive research data without help from cybersecurity specialists within their universities or hospitals.”
Most Attacks Blocked
Hackers have targeted leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States, said Tom Burt, Microsoft’s corporate vice president of customer security and trust, in a blog post.
The attacks came from a group from Russia, and two groups from North Korea, he said. “The majority of these attacks were blocked by security protections built into our products,” Burt added. “We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help.”
“Researchers should also be trained so that they will not fall prey to clever social engineering scams that hackers use to steal sensitive research data.”
Cyberattackers have been targeting the health care sector during the pandemic for months. Ransomware attacks have hit hospitals across the U.S. In Germany, earlier this year, a woman may have become the first person to die as a result of a ransomware attack on a hospital. In another recent case, a Finnish psychotherapy center was attacked by ransomware and criminals attempted to blackmail patients after gaining access to their therapy records.
Hackers are likely motivated by both financial and political gain, experts say. The pharmaceutical industry has long faced the risk of corporate espionage. In 2019, data breaches and ransomware attacks cost the health care sector an estimated $4 billion.
“The motivation is to steal the data to create their own vaccine or sell it to competitors,” Aleksandr Maklakov, the CIO of cyber security firm Clario, said in an email interview. “Also, hackers can block researchers’ work in order to demand ransom.”
Vaccines as a Political Tool
A potential COVID-19 vaccine could be a powerful political tool, making it a tempting target for state-backed hacking groups, observers say. “These nation-state or state-sponsored groups of hackers with almost unlimited resources target vaccine researchers in order to damage or replace research results, push back their competitors to win this race,” Maklakov said. “Or they could use the data to move along their own vaccine development.”
The potential for harm from these cyberattacks is great. The United States’ enemies could try to attack the databases housing critical COVID-vaccine trial-related information, altering results that could make a potent vaccine falsely appear ineffective, or inflating the effectiveness of a weaker vaccine candidate, Nicole Bucala, vice president of business development of the cybersecurity firm Illusive Networks, said in an email interview.
da-kuk / Getty Images
The attackers could damage logistics information about how to distribute the eventual vaccines across the country. “Information on numbers of vials stored in certain locations could be altered to present an inflated number of vaccines in storage. Such a location will be surprised when it runs out of vials and will need to wait longer than normal to get a new supply,” she said.
Cyber attackers could even try to disrupt databases that house COVID-19 test results, Bucala said. They could alter positives to negatives for people’s tests in order to falsify lower infection rates, making people lower their guard and aiding the spread of the disease.
To combat the attacks, researchers should use up-to-date and secure software, Kshetri said. “They should also take the help of the cybersecurity team to protect the data with the highest level of cybersecurity,” he added. “Researchers should also be trained so that they will not fall prey to clever social engineering scams that hackers use to steal sensitive research data.”